Security
Software
User Authentication
Your keys are stored inside a bin controlled by the permissions you setup. Staff or guests authenticate themselves when accessing keys.
Two Factor Authentication
You have the option to activate two factor authentication for login and key pickups on your account.
Software Intrusion Detection
We're alerted if anyone makes attempts to access our data centres, and we can react in real time.
Transport Layer Security
A private communication channel between your computer and Keycafe ensures that when you are managing your account, your information is safely transmitted.
PII Optional
Providing personally identifiable information to Keycafe is optional. In our application or API, you are able to provision keys and key access bookings without supplying the personal data of your users.
PCI
We use best-in-class PCI compliant payment processor Stripe for encrypting and processing credit card payments.
Denial of Service
Your access to the Keycafe service is protected against Denial of Service (DDOS) attacks by a best-in-class CDN provider, Cloudflare.
Managed Firewalls
Your data is secure behind state of the art firewalls.
SmartBox
Advanced IoT Security
All communication between the SmartBox and our servers is encrypted and secure. No incoming ports are left open, each device is given a unique encryption key and servers are continuously monitored for possible threats.
Encrypted Radio Connections
BLE communication with the SmartBox is encrypted in transit. WiFi connections are secured using WPA2, the industry standard.
Device Activity Alerts
SmartBoxes are cloud connected and you are notified in real time via email, mobile notifications, or webhook when key exchanges occur with the details.
OTA Updates
Devices are capable of receiving over the air updates so they always have the latest firmware and security features of our platform.
Sensitive Data Offsite
No sensitive data is stored locally on the Keycafe SmartBox and the device is further protected by encryption protocols.
Metal Construction
The SmartBox storing your keys is constructed from cold rolled steel and A383 alloyed aluminum which are commonly used in automotive and aerospace applications. It provides a physical deterrent to casual tampering that is acceptable for many use cases. Download our security architecture brief for more details.
Need additional security information? Our Security Architecture document provides more information on topics including server architecture, penetration testing, key software vendors, permission schemes for key access, privacy policy and data processing summary and SmartBox construction overview.