Security & Trust

1. Inherited Security Architecture

Kamiara is built upon a foundation of Inherited Security. We leverage the multi-billion dollar infrastructure of Google Cloud Platform (GCP) and Firebase to ensure that your data is protected by the same security standards used by global financial institutions.

• Certified Data Centers: Our infrastructure is hosted in SOC 2 Type II, ISO 27001, and PCI DSS compliant data centers.
• Physical Security: Google's data centers feature industrial-grade physical security, including biometric identification and 24/7 surveillance.

2. Zero-Knowledge End-to-End Encryption & Isolation

We implement a "Defense in Depth" strategy with zero-knowledge architecture to ensure that your financial data remains entirely private and unreachable by unauthorized parties, including our own developers.

• End-to-End Encryption (E2EE): All your sensitive financial transactions, wallets, balances, and categories are encrypted directly on your device using institutional-grade AES-256-GCM encryption. The data is encrypted before it ever leaves your device.
• Zero-Knowledge Access: Cryptographic keys are generated on your device. To facilitate seamless multi-device synchronization, an encrypted escrow copy of your Master Key is securely stored on our servers, wrapped by a key derived from your custom 6-digit E2EE PIN using PBKDF2 (600,000 iterations). Because the PIN is never transmitted to or stored on our servers, zero-knowledge is maintained: neither Kamiara's developers, hosting providers, nor administrators can decrypt or view your data.
• Recovery Protocol: During setup, a unique human-readable 256-bit Recovery Key is generated alongside your custom 6-digit E2EE PIN. You can recover your cryptographic Master Key on new devices either by entering your 6-digit PIN (which retrieves and decrypts the escrow copy) or by entering your Recovery Key directly.
• Encryption in Transit: Data moving between your device and our servers is protected by TLS 1.3 (HTTPS) to prevent interception.
• Strict isolation via Rules: We utilize server-side Firestore Security Rules to guarantee that no user can access another user's encrypted payloads, providing an additional logical layer of defense.
• Google Drive Sandboxing: For users who choose to sync with Google Drive, we utilize the App Data Folder protocol. This ensures that financial data is stored in a hidden, isolated sandbox that Kamiara cannot use to access your personal files, nor can other apps access Kamiara's data.
• Hardware Security: Authentication tokens and cryptographic key materials are stored using Hardware-Backed Encryption (Expo SecureStore/Keychain) on mobile devices, preventing data extraction even from physical device access.

3. Automated Threat Prevention

We implement advanced technical measures to prevent automated abuse, data scraping, and clickjacking attacks.

• Content Security Policy (CSP): A strict policy is enforced to prevent Cross-Site Scripting (XSS) and unauthorized code injection.
• Interaction Verification: Critical actions require "Human Interaction Proof." We detect and block automated scripts by analyzing interaction patterns and durations.
• Two-Tier API Protection: We employ a strict server-side throttling mechanism to prevent resource exhaustion. Extreme anomalies or attempts to tamper with payloads trigger our Progressive Ban Engine, which automatically suspends malicious accounts (from 1 hour to permanently) and locks database access at the infrastructure level.

3. Vulnerability Reporting Policy

We welcome the global security community to help us maintain the highest standards of safety. If you discover a potential vulnerability, we encourage you to report it responsibly.

4. Incident Response Plan

In the highly unlikely event of a security breach, Kamiara adheres to a strict transparency protocol compliant with international standards (GDPR):

• 72-Hour Notification: We commit to notifying any affected users via their registered email within 72 hours of confirming an incident.
• Immediate Containment: Our systems include "kill-switch" protocols to temporarily freeze synchronization if suspicious patterns are detected, protecting the integrity of your data.