UnoLock: Advancing Digital Asset Security
UnoLock offers a comprehensive digital security system, underpinned by the Data Self-Governance (DSG) framework and by the Triple-Layered Consent Model. This ensures advanced user authentication and data sovereignty, requiring explicit consent from three distinct parties for data access: the data owner, UnoLock's Server APIs, and secure Security Keys or Passkeys.
This unique approach ensures that vault owners have unparalleled control over their data, providing a secure and comprehensive mechanism for data management and accessibility. With AES-256-GCM encryption, FIDO2 authentication, and robust key management, your data and digital assets remain secure across multiple devices. Global redundancy and enhanced key management further protect data, even during regional disruptions, maintaining access control and privacy.
Technicals: What makes UnoLock's Security Different
An innovative security framework offering unparalleled protection and peace of mind.
Triple Consent Model
UnoLock’s security relies on the Triple Consent Model, ensuring full alignment between the owner, server, and keys for ultimate control and privacy.
Advanced Encryption
Combining AES-256-GCM and ECDHE-ECDSA encryption with data replication, UnoLock provides a robust defense against threats.
Key Management
Securely store and wrap cryptographic keys using advanced protocols, safeguarding your data from unauthorized access.
FIDO2 Authentication
Integrating WebAuthn and biometrics, UnoLock ensures secure, password-less access and defense against phishing.
Governance: Underpinning Technicals
User-Centric Control
UnoLock’s DSG model empowers vault owners with complete autonomy, eliminating the need for third-party consent mechanisms. The owner is the sole decision-maker, ensuring that only they govern how their data is stored, shared, or deleted.
No Access to Data
Thanks to this self-governance structure, UnoLock has no access to the data itself. This model guarantees that all encryption and control remain entirely within the user's domain, reinforcing privacy and security without external dependencies.
More Security Features
Explore the advanced security features of UnoLock.
Client Application Isolation in Web Browser
Browser Security
UnoLock runs in a secure browser sandbox, preventing access to the OS and minimizing malware risks while ensuring privacy and cross-platform consistency.
Browser Content Security Policy (CSP) Isolation
Network Isolation
CSP ensures the isolation of unauthorized external content, minimizing risks of data injection, preventing malicious scripts, and improving data integrity.
Secure Hashing and Signing of PWA Updates
Integrity Protection
Using SHA-256 and ECDSA, all updates are securely hashed and signed, preventing tampering and unauthorized modifications during PWA update processes.
FIDO2 Authentication with WebAuthn for Secure Access
Access Security
FIDO2 authentication via WebAuthn ensures secure access to the UnoLock Safe, preventing phishing attacks with strong device-specific login credentials.
Enhanced MFA with Keylogger Protection
Multi-Factor Authentication
MFA with randomized keypads and mouse-based PIN input prevents keylogger attacks, ensuring secure and convenient login processes.
Client-Side Encryption Using AES-256 GCM
Encryption
All data is encrypted on the client side with AES-256 GCM before being transmitted, ensuring only you have access to your sensitive information.
Secure Direct Storage of Encrypted Data in AWS S3
Cloud Storage
Data is securely encrypted and directly uploaded to AWS S3 using pre-signed URLs, bypassing intermediate servers and ensuring end-to-end encryption.
Dual-Layer Encryption with AWS S3 Server-Side Encryption (SSE)
Multi-Layer Security
Combining client-side AES-256 encryption with AWS S3 SSE ensures a double-layer security approach, protecting your data at rest and during transit.
Advanced Key Management with Client-Side Keyring
Key Management
Dynamic key generation using a client-side keyring protects your data with unique encryption keys for each data chunk, minimizing risk and exposure.
Advanced Data Deletion and Perfect Forward Secrecy
Data Security
Data deletion ensures the removal of encryption keys and perfect forward secrecy, making your data irretrievable even after deletion.
SHA-256 Hash Verification of Uploaded Data
Data Integrity
Using SHA-256 hashes, uploaded data is verified to ensure integrity and authenticity, protecting against corruption and tampering during transmission.
Robust Data Redundancy with AWS S3
Data Availability
AWS S3’s inherent redundancy ensures data replication across multiple devices and facilities, safeguarding your data from failures and ensuring high availability.
No Browser Local Storage or Cookies Used
Privacy Protection
UnoLock does not use browser local storage or cookies, minimizing data leakage risks, reducing tracking potential, and enhancing privacy.
Commitment to Anonymity and Data Privacy
Privacy and Data Integrity
UnoLock enforces strict privacy policies, collecting no user data and maintaining anonymous payment options. Minimal server logs are purged after three days, ensuring complete privacy for all users.
Advanced API Security: AES-256 GCM and ECDHE_ECDSA
API Encryption
UnoLock uses AES-256 GCM and ECDHE_ECDSA encryption to secure API communications, ensuring end-to-end encrypted data transfer, preventing eavesdropping or man-in-the-middle attacks.
Server-Side Metadata Encryption with Encrypted Session Management
Metadata Encryption
All metadata associated with your safes is encrypted with client-side authorization, ensuring that only you can decrypt it during a session. The stateless server design ensures no persistent metadata access.
Secure Deletion of Safes and Encrypted File Records
Secure Deletion
Upon deletion, all encryption keys are wiped, ensuring that safes and file records cannot be recovered. This guarantees permanent data erasure and full compliance with data protection laws.
Plausible Deniability with Dual-Pin Safe System
Dual-Pin Security
UnoLock offers a dual-pin system for plausible deniability. One pin grants access to a decoy safe, while another unlocks the real data, protecting sensitive information in high-risk situations.
Robust Key Management with Multi-Key Registration and WebAuthn
Key Management
Multi-key registration and WebAuthn support allow users to register multiple keys per safe, reducing risks from lost keys or lockouts while offering flexibility with passkeys and physical security keys like YubiKeys.
Advanced Key Management: Admin and Read-Only Access with Timelock
Key Access Control
Admin and read-only access options allow for flexible data control. The Timelock feature enables temporary disablement of a key, offering enhanced security in high-risk scenarios.
Secure Viewing of Supported File Types Directly Within the Client Application
Secure File Access
UnoLock allows users to view files directly within the application with in-memory decryption, ensuring that data never touches the device's persistent storage, protecting against unauthorized access.
Inactivity-Triggered Safe Access Methods: Lockout Guard and Legacy Link
Safe Access Methods
Lockout Guard and Legacy Link ensure that in the event of user inactivity, access to safes is maintained through QR codes, safeguarding critical data in emergencies or posthumous scenarios.
Serverless Infrastructure for Enhanced Security
Serverless Architecture
UnoLock's serverless architecture reduces attack surfaces and eliminates vulnerabilities associated with traditional server management, enhancing overall platform security and scalability.
Advanced AWS Account Management
AWS Management
Multi-account AWS management with WebAuthn MFA and strict access control ensures that operations are securely handled with minimal privileges, reducing risks of unauthorized access or data breaches.
Stateless Multi-Account Build System with AWS CodePipeline
Build System Security
Stateless build systems and multi-account isolation ensure secure and consistent software development, with multi-person approval required for changes, maintaining code integrity and security.
Digital Paper Wallet (DPW) for Cryptocurrency Management
Cryptocurrency Management
UnoLock’s DPW enables secure cryptocurrency management by generating private keys in-browser, encrypting them client-side with AES-256 GCM, and allowing secure transaction signing without exposing private keys.