Security Behind Visible Giving
Security Operating Controls
Security and compliance are part of the trust layer that keeps donations, records, and evidence reliable.
Edge and Abuse Controls
App Check, origin checks, security headers, and rate limiting help protect account, payment, and evidence surfaces from automated abuse.
Firebase Authentication
Secure user authentication with custom claims for role-based access control (RBAC), session management, and multi-factor authentication support.
Server-Owned Ledger State
Sensitive donation, payment, evidence, and verification state is controlled by trusted server workflows and scoped database rules.
Payment and Document Boundaries
Payment details are delegated to Stripe or Paystack. Tax documents, evidence, and sensitive files use private storage and time-limited access.
Environment and Secret Hygiene
Production configuration separates public settings from server secrets and keeps provider credentials out of client-facing code.
Rate Limiting
Sensitive flows use rate limits and validation so account access, donations, KYC, and evidence submissions remain dependable under pressure.
Payment Integrity
Provider checkout plus ledger validation keeps the donor experience simple without trusting optimistic UI state.
Stripe Integration
- Signed webhook verification with Stripe signature
- Card data handled by PCI-compliant payment providers
- Idempotency keys for duplicate prevention
- 3D Secure authentication for high-risk transactions
Paystack Integration
- HMAC-SHA512 webhook signature verification
- Provider-managed payment handling and signature verification
- Constant-time comparison for signature validation
- Local payment methods for Nigerian market
Data Privacy & Retention
Comprehensive privacy controls and data protection measures
Tax Document Privacy
- Private GCS storage with V4 signed URLs
- 15-minute TTL for secure access
- 7-year retention for compliance
- Automatic lifecycle management
Session Security
- HttpOnly, Secure, SameSite cookies
- Server-side session verification
- Automatic session expiration
- CSRF protection
User Rights
- Data access and portability
- Right to deletion (with limitations)
- Notification preferences control
- Quiet hours and cooldown settings
Evidence Privacy
- Private until verification complete
- Public only when verified=true
- Secure upload with virus scanning
- Access logging and audit trail
Security Control Areas
Operational controls that are implemented in the platform today
Access Control
Custom-claims RBAC, scoped portals, and server-side authorization checks for operational actions
Payment Integrity
Signed Stripe and Paystack webhooks, idempotent processing, and payout-state tracking
Data Protection
Encryption in transit, private storage buckets, signed URLs, and managed secrets
Auditability
Evidence logs, payout traces, tax-document records, and notification history across core workflows
Operational Safeguards
Rate limiting, maintenance gates, signed internal calls, and disabled public debug surfaces
Retention & Access Windows
Document retention policies, signed-download expirations, and lifecycle-managed storage paths
Security Incident Response
Coordinated incident handling and private responsible disclosure
Our Response Process
Responsible Disclosure
Ebun does not currently operate a public bug bounty or paid vulnerability rewards program. If you identify a credible security issue, report it privately so our team can triage and remediate it responsibly.
Need to Report a Security Issue?
Use the technical support channel for vulnerability reports, suspicious activity, or questions about platform safeguards