Security & Trust

Your Customers' Mail Deserves Bank-Grade Care

Mailbox operators handle government IDs, notarized forms, and other people's mail. Here is how Innbocks protects all of it.

Protection at Every Layer

Accounts & Access

Passwords are stored only as bcrypt hashes — never in plain text. Sign-in and registration endpoints are rate-limited against brute force, and staff accounts are separated from owner accounts.

Documents & Mail Scans

Mail scans and USPS Form 1583 documents are stored privately and served through short-lived signed links, minted only after the requester's ownership of the record is verified. Every custody event on a mail piece is recorded in a tamper-evident chain of custody.

Payments

All payments run through Stripe. Card numbers never touch Innbocks servers, and incoming payment events are signature-verified and processed exactly once.

Day-to-Day Practices

  • All traffic is encrypted in transit with TLS.
  • Each vendor's data is scoped to their own tenant — customers, mail, and documents are isolated per store.
  • Terms-of-service and privacy-policy acceptances are stored as immutable snapshots for your compliance records.
  • Production errors are centrally monitored so issues are caught before they become incidents.
  • USPS Form 1583, e-notarization, and CRD workflows are built in — see our compliance automation for the full picture.

Compliance is its own discipline — read about our USPS 1583 and CRD compliance automation.