Security and Encryption
Handshake takes the security of your data extremely seriously. Exactly how seriously is outlined below.
All data that is sent over the internet by Handshake is encrypted using industry-standard methods:
Our website is only accessible via HTTPS. This means every visit to our website is SSL-encrypted and no eavesdropping can take place.
All traffic between Handshake on your iPad or iPhone and our website is encrypted with a mixture of SSL and Blowfish. This allows us to provide total network data security as well as an optimized network protocol that works well on the flaky 3G / 4G networks that iPads and iPhones have to cope with.
Credit Card Encryption
We have a highly detailed discussion of the extra security layer around credit card numbers on our site, however, a synopsis of that discussion is below:
We encrypt all stored credit cards with a public encryption key whose private half is only known to you, the user. This means we have effectively locked ourselves out of the system and cannot view your credit card numbers even if we wanted to.
Credit cards cannot possibly be decrypted in the Handshake iPad or iPhone apps. This means if your iPad or iPhone is stolen or compromised, there is no way to get the credit card numbers out of it.
Credit card numbers can only be retrieved from the Handshake website by you.
As outlined in our Terms of Service, you must take responsiblity for the security of the devices that you access Handshake from, as well as for the security of the email address that is linked to your Handshake account.
No amount of security in the world from our end is going to protect you in the event you access Handshake from a compromised device (e.g. a public computer in an internet cafe) or allow your email account to be accessed by an attacker.