End-to-end encrypted DMs
Direct messages use the Signal protocol. Ripple servers only ever see ciphertext for one-to-one and small-group DMs.
Encryption you can inspect, audits you can request, and a bounty program for anyone who finds an issue.
Direct messages use the Signal protocol. Ripple servers only ever see ciphertext for one-to-one and small-group DMs.
Our platform is SOC 2 Type II audited annually by an independent AICPA-accredited firm. Report available under NDA.
All server-side data is encrypted at rest with AES-256. Keys are rotated quarterly and held in an HSM-backed KMS.
Every new sign-in triggers an in-app + email alert. Two-factor authentication with a hardware key is supported and encouraged.
We take security reports seriously. Our program follows industry best practice, and we'll never take legal action against good-faith researchers.
PGP fingerprint on request from security@ripple.example.com.