Security

Security at every layer

From biometric hardware to cryptographic audit trails. Every part of UIP is designed with security and privacy as the foundation.

Architecture

How UIP protects your identity

Every action requires fingerprint or face verification. No passwords, no SMS codes, no phishing vectors.

Private cryptographic keys are stored in your device's hardware security module. They can never be extracted or copied.

We verify your identity without accessing or storing biometric data. Your biometrics never leave your device.

Identity backed by official government ID verification through our partner Didit. Legally valid worldwide.

All data encrypted at rest and in transit. Messages use end-to-end encryption with unique session keys.

Digital signatures are created locally on your device using hardware-backed keys, then verified server-side.

Cryptography

Every API action is cryptographically secured with Advanced Electronic Signatures and SHA-256 hashing.

Private keys stored in device Secure Enclave, never exposed or extractable

Every document and action hashed for integrity verification

Signatures created locally, private key never leaves the device

Document hash, signature, and public key included in every audit record

Audit Trail

Every auth, signature, or message returns a unique reference ID string

Save the reference ID in your database or compliance systems as permanent proof

Use the ID to retrieve timestamp, signatory, requester, and full action details

Full name, government ID verification status, biometric authentication time

Exact UTC timestamp, timezone info, duration of signature process

Business organization, authorized representative, document type, action category

Privacy

Start building with the most secure identity platform.