🛑 Enhancing privacy

In accordance with Reincubate’s position on privacy and data – and the company’s mission to democratise access to data, so individuals and companies can do more with their own data on a transparent and ethical basis – the API’s licensing agreement specifically prevents its use for any unethical purpose, and for integration with any product which is marketed for unethical purposes.

The company has led the industry in developing a number of critical privacy-enhancing features.

Note

To report a security vulnerability please email ent-support@reincubate.com.

Two-factor authentication: 2FA / 2SV

Modules for 2FA are made freely available to all users of the API, and it is recommended that all clients take advantage of the functionality and encourage their end-users to adopt it. Better account security benefits every user of the ecosystem: usernames and passwords alone are not best practice for securing accounts.

Tokenisation

In keeping with encouraging adoption of 2FA, the API’s tokenisation module is also made freely available to every client. This removes the need to store the most sensitive account credentials, which in turn reduces potential client data exposure.

Note

Where clients take advantage of *asmaster*, its token storage mechanism uses a secure key-rolling vault. When using *asapi*, token storage is deferred to the underlying cloud service, such as Apple’s iCloud.

Low-level account blocking

The API includes a strict account blocking mechanism which allows for completely disabling access to named accounts. Consequently, it is possible (and encouraged) to blacklist access to known high-risk accounts.

Account access notification

Reincubate considers best practices for account security to include automatically emailing end-user account owners when their data is accessed, and continuing to do so on an ongoing basis. Clients typically want to control this process with their own branding, or to rely on the underlying service provider’s messages; however, a mechanism is available in the API which can send a call-back to a client’s notification system, such as MailChimp.