Security

Security you can
audit and verify.

We don't ask you to trust us — we show our work. Every security control is documented, auditable, and built into the platform architecture.

🇳🇬NDPR Compliant
☁️AWS KMS
🛡️SOC2 (in progress)
🇪🇺GDPR Ready
🔐ISO 27001 (planned)
🌍
African Data Residency
All customer data stored in AWS af-south-1 (Cape Town). Audio files, transcripts, and metadata never leave African soil unless you explicitly configure cross-region backup. NDPR-compliant by design.
AWS af-south-1 · Cape Town, South Africa · NDPR Art. 2.1
📞
Caller Number Masking
Enable caller number masking in your config to hide caller digits from dashboard users. Numbers stored as hashed tokens — displayed as +234 *** *** 789. NDPR compliant by design.
Per-client config toggle · NDPR Article 2.1(c)
🗑️
Data Deletion Policy
When you cancel, all call recordings and transcripts are deleted within 30 days. Export your data at any time from the dashboard before cancellation.
30-day deletion SLA · CSV export available
🔐
Encryption at Rest
All stored data — transcripts, recordings, caller information, knowledge base content — encrypted at rest using AES-256 via AWS KMS with customer-managed keys on Enterprise.
AWS KMS · AES-256 · CMK available on Enterprise
🔒
Encryption in Transit
All API calls use TLS 1.3. Internal microservice communication uses mTLS with certificate pinning. WebSocket audio streams are encrypted end-to-end.
TLS 1.3 · mTLS internally · HSTS enforced
🪝
Webhook HMAC Signing
Every outbound webhook payload is signed with HMAC-SHA256 using your client secret. Verify the X-Orinode-Signature header on every request to prevent spoofing.
HMAC-SHA256 · X-Orinode-Signature header
📋
Full Audit Logging
Every sensitive action — plan changes, API key operations, team permission changes, billing events — is immutably logged with timestamp, user, and IP address.
Immutable audit trail · 90-day retention
Access Control

Who sees what —
precisely controlled.

Control Description
Role-based accessOwner, Admin, and Agent roles with distinct permission sets.
Granular permissionsPer-user toggle for call logs, phone numbers, knowledge base, config, billing, and test calls.
Team groupsGroup users with shared permission overrides. Assign colours for visual identification.
Session securitySessions invalidated on password change. HTTPS-only cookie flags. CSRF protection on all state-changing endpoints.
Rate limitingLogin: 5 attempts per IP per window. Signup: 3 attempts per IP per window. Backed by an in-memory cache with automatic unlock.
Admin URL randomisationAdmin panel served at a configurable randomised path — not discoverable via standard URL scanning.
API key authX-API-Key header only. Query parameter auth disabled (would appear in access logs and proxy caches).
Developer audit logEvery API key create/revoke/rename, billing top-up, and webhook change recorded with IP address.
Verification

Verify webhook signatures

Every Orinode webhook includes an HMAC-SHA256 signature. Verify it on your server to reject spoofed requests.

# Python — verify Orinode webhook signature
import hmac, hashlib

def verify_orinode_webhook(payload_bytes, signature_header, secret):
    expected = hmac.new(
        secret.encode(), payload_bytes, hashlib.sha256
    ).hexdigest()
    received = signature_header.removeprefix("sha256=")
    return hmac.compare_digest(expected, received)

# In your view:
sig = request.headers.get("X-Orinode-Signature")
if not verify_orinode_webhook(request.body, sig, YOUR_WEBHOOK_SECRET):
    return HttpResponse(status=401)
HTTP Security

Every response is
hardened by default.

HeaderValue
X-Frame-OptionsDENY — prevents clickjacking
X-Content-Type-Optionsnosniff — prevents MIME sniffing
Referrer-Policystrict-origin-when-cross-origin
Permissions-Policycamera=(), microphone=(), geolocation=(), payment=(), usb=()
Content-Security-PolicyRestrictive policy — no inline scripts, no eval, allowlisted origins only
Strict-Transport-Securitymax-age=31536000; includeSubDomains (production)
ServerOrinode (stack fingerprint hidden)
Responsible Disclosure

Found a vulnerability?

We take security reports seriously. Contact our security team with a detailed description and proof-of-concept. We aim to respond within 24 hours.

security security@orinode.ai
Chat on WhatsApp