Security

How Knowledger protects your data

Last updated: April 2026

Knowledger is built to handle confidential information. Security is not an afterthought — it is a core product requirement.

Encryption

All PKD submissions are encrypted with AES-256-GCM before being stored. This is the same encryption standard used by financial institutions and government agencies worldwide.

Encryption happens immediately on submission — before the data reaches our database. The decryption key is held securely in our application infrastructure and is never stored alongside the encrypted data.

Sealed records

Once a PKD is submitted it is sealed. Neither the inviting party nor Knowledger staff can access the content of a sealed record. The only way to access a sealed record is for both parties to mutually agree to unseal it, or for a formal legal process to require it.

This is by design. We built it this way because the product only works if both parties can trust it completely.

Infrastructure

Knowledger runs on:

  • Supabase — database and authentication, SOC 2 Type 2 certified, hosted on AWS

  • Vercel — application hosting

  • Stripe — payment processing, PCI DSS compliant

  • Resend — transactional email

SOC 2 Type 2 certification means our infrastructure provider has been independently audited for security, availability, and confidentiality controls.

Authentication

Passwords are hashed using industry-standard algorithms — never stored in plain text. We support Google SSO for additional security. Session tokens are rotated on each login.

Data in transit

All data transmitted between your browser and Knowledger is encrypted via TLS 1.2 or higher.

Payment security

Knowledger does not store card details. All payment processing is handled by Stripe, which is PCI DSS Level 1 compliant — the highest level of payment security certification.

Responsible disclosure

If you discover a security vulnerability in Knowledger please contact us at hello@useknowledger.com before disclosing publicly. We will respond within 48 hours and work with you to resolve the issue responsibly.

Contact: hello@useknowledger.com