Security technologies on e-Cont.md

e-Cont.md Data Security Overview

e-Cont.md utilizes the most robust security technologies and adheres to the strict information protection policies used within the Diginet ecosystem.

Data Security and Encryption

Securing your data at e-Cont.md begins with securing your e-Cont.md account.

To protect you from account hijacking attempts, all new e-Cont.md accounts are offered two-factor authentication. Two-factor authentication is also a priority or required for many e-Cont.md features, including end-to-end encryption.

Diginet offers two options for encrypting and protecting data stored in e-Cont.md:

• Standard Data Protection

  is used for your account by default. Your data in e-Cont.md is encrypted, and the encryption keys are stored in secure Diginet data centers, so we can assist you with data recovery. End-to-end encryption is used only for certain data.
  Your sensitive data is encrypted during transmission to e-Cont.md and is stored encrypted.
  Sensitive data includes:
  • your counterparties' banking and registration data
  • your invoices
  • invoice payment information
  • your bank and payment system access keys
  • personal data of your employees registered in the e-cont.md system
  Encryption keys from your trusted devices are stored in Diginet's secure data centers, so Diginet can decrypt your data on your behalf whenever you need it, such as when you sign in to a new device, restore data from a backup, or recover data after forgetting your password. As long as you can successfully log in with your Diginet account, you will have access to your invoice data, MIA online payment information (QR code), manage your manager accounts, and back up your data.
  Diginet does not have encryption keys for your manager accounts, and we will not be able to help you recover this data if you lose access to your account.

• Advanced Data Protection

  This is an optional setting that provides the highest level of protection for data stored in the cloud. If you choose to enable Advanced Data Protection, only your trusted devices will have access to encryption keys for most of your e-Cont.md data, protecting your data with end-to-end encryption. This advanced protection extends to your data, the data of your managers, and backups of your e-Cont.md account.
  If you enable Advanced Data Protection and then lose access to your account, Diginet will not have encryption keys to help you recover your data. You will need a trusted account restorer or a personal recovery key. Since most of your e-Cont.md data will be protected with end-to-end encryption, you will need to specify at least one trusted account restorer or set up at least one recovery key before enabling Advanced Data Protection.
  You can disable Advanced Data Protection at any time. Your device will securely upload the necessary encryption keys to Diginet servers, and your account will revert to standard data protection.

  How to enable extended data protection in e-Cont.md

Data protected with end-to-end encryption

Data protected with end-to-end encryption can only be decrypted on your trusted devices logged in with your e-Cont.md account. Unauthorized persons, including e-Cont.md employees, will not be able to access your data protected with end-to-end encryption. This data remains secure even in the case of a data breach in the cloud. If you lose access to your account, only you can recover it. You will need a recovery contact or a recovery key.

About third-party data centers

Data may be stored and processed in Diginet data centers or third-party data centers. When processing data stored in a third-party data center, access to encryption keys is granted only to Diginet software running on secure servers, and only for the required processing. The keys are always stored in Diginet's secure data centers. Diginet does not have access to or store the keys used for end-to-end data encryption.