Security Measures
Last updated: May 26, 2026 · Reviewed by counsel
We treat the integrity of your kennel records, your payment data, and your account credentials as non-negotiable. This page summarises the technical and organisational measures we have in place.
Transport security
- All traffic between your browser and our servers is encrypted with TLS 1.2 or higher.
- HSTS is enabled on our public domain to prevent downgrade attacks.
Authentication
- Passwords are never stored in plain text. We hash with bcrypt and a per-user salt.
- Sessions are issued as short-lived JSON Web Tokens (JWTs), signed with a server-side secret, expiring after 7 days.
- Optional Sign in with Google delegates identity verification to Google's OAuth 2.0 flow; we never see your Google password.
- Two-factor authentication (TOTP) is available to every user and is enforced on high-value actions when enabled — ownership transfers and escrow releases require a fresh TOTP code even after you're already signed in. We use the standard RFC 6238 time-based one-time password algorithm; pair the registry with any authenticator app (Google Authenticator, 1Password, Authy, etc.).
- Public form abuse is mitigated with Cloudflare Turnstile in fail-closed strict mode in production — challenges that can't reach Cloudflare are denied, not silently bypassed.
- Admin access is role-gated and verified on every privileged API call.
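The step-up rule above (a fresh RFC 6238 code for ownership transfers and escrow releases, even inside a valid session) is easy to get subtly wrong: the code must be verified at the moment of the action, and a code that has already been consumed must not be accepted again. The following is an added example written for this page, not the registry's own code. It implements HOTP/TOTP with the standard library only, checks against the RFC 6238 test secret, and tracks the last consumed time-step per session so a replayed code is refused. The `Session` class, the one-step skew window, and the action names are assumptions.

```python
# Added example (not the registry's code): RFC 6238 TOTP verification plus a
# "fresh code" step-up check for high-value actions such as escrow release.
import base64
import hashlib
import hmac
import struct
from typing import Optional

STEP = 30      # RFC 6238 time step in seconds (what authenticator apps use)
DIGITS = 6     # six-digit codes, as shown by Google Authenticator / 1Password / Authy
WINDOW = 1     # accept one step of clock skew either side (assumed policy)


def hotp(secret: bytes, counter: int, digits: int = DIGITS) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret: bytes, at: int, step: int = STEP) -> str:
    """RFC 6238 TOTP: HOTP with the counter derived from Unix time."""
    return hotp(secret, at // step)


def verify_totp(secret: bytes, code: str, now: int, window: int = WINDOW) -> Optional[int]:
    """Return the matching time-step counter, or None if no step in the window matches.
    Uses a constant-time comparison so the check does not leak partial matches."""
    base = now // STEP
    for counter in range(base - window, base + window + 1):
        if hmac.compare_digest(hotp(secret, counter), code):
            return counter
    return None


def provisioning_uri(issuer: str, account: str, secret: bytes) -> str:
    """otpauth:// URI (Key Uri Format) that any authenticator app can enrol from."""
    b32 = base64.b32encode(secret).decode().rstrip("=")
    return (f"otpauth://totp/{issuer}:{account}?secret={b32}&issuer={issuer}"
            f"&algorithm=SHA1&digits={DIGITS}&period={STEP}")


class Session:
    """Assumed server-side session state: who is signed in and which TOTP
    time-step has already been spent on a step-up action."""
    def __init__(self, user_id: str, totp_secret: bytes):
        self.user_id = user_id
        self.totp_secret = totp_secret
        self.last_totp_counter = -1   # highest counter consumed so far


def step_up(session: Session, code: str, now: int) -> bool:
    """Fresh-code check for high-value actions: the code must verify *now* and
    must belong to a time-step newer than any code already consumed (no replay)."""
    counter = verify_totp(session.totp_secret, code, now)
    if counter is None or counter <= session.last_totp_counter:
        return False
    session.last_totp_counter = counter
    return True


def release_escrow(session: Session, code: str, now: int) -> str:
    """Being signed in is not enough: the action is gated on a fresh TOTP code."""
    if not step_up(session, code, now):
        return "denied: fresh TOTP code required"
    return f"escrow released for {session.user_id}"


if __name__ == "__main__":
    # RFC 6238 reference secret ("12345678901234567890"), used only for demonstration.
    secret = b"12345678901234567890"
    s = Session("breeder-42", secret)
    print(provisioning_uri("ArmstrongK9", "breeder-42", secret))
    print(release_escrow(s, totp(secret, 59), 59))   # fresh code: released
    print(release_escrow(s, totp(secret, 59), 59))   # same code again: denied
```

The replay guard is the part most often omitted: without `last_totp_counter`, an attacker who observes one code has up to 90 seconds (with a one-step window) to reuse it for a second transfer. The values in the test come from the RFC 4226/6238 test vectors.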
Data at rest
- Database: encrypted at rest (AES-256) on our MongoDB provider.
- Photo uploads: encrypted at rest in our Object Storage backend.
- Automated daily backups with a defined retention window.
Payments (PCI scope)
- All card processing is handled by Stripe, a PCI-DSS Level 1 certified processor.
- We never receive, store, or transmit full card numbers, CVVs, or expiry dates. Our servers see only Stripe metadata (last-four, brand, charge ID).
Application-layer protections
- Server-side validation on every endpoint — prices, permissions, and ownership are re-checked on the backend and never trusted from the client.
- Strict input schemas via Pydantic; typed responses prevent accidental data leakage.
- Permission checks on every write (dog edit, transfer approval, pedigree approval).
- Microchip uniqueness is database-enforced — the dogs collection has a unique partial index on the normalised microchip field, so the same chip cannot be claimed by two different registry records.
- Rate-limiting on sensitive endpoints (login, registration, password changes).
- Structured server logs without PII for anomaly detection.
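The microchip uniqueness point above depends on two details: every stored chip number must be normalised the same way before the index sees it, and the index must be *partial* so that records with no chip do not collide with each other on a null value. The following is an added example for this page, not the registry's code. It shows a normaliser, the index options as they would be passed to `Collection.create_index` in pymongo, and a small in-memory stand-in for the collection that applies the same partial-unique rule so the behaviour can be exercised without a database. The field name `microchip_normalised` and the normalisation rule (strip separators, uppercase) are assumptions.

```python
# Added example (not the registry's code): normalising microchip identifiers and
# enforcing one registry record per chip with a unique partial index.
import re
from typing import Optional

FIELD = "microchip_normalised"   # assumed field name

# Options mirroring pymongo's Collection.create_index(keys, **options).
# The partial filter restricts the unique constraint to documents where the
# field is a string, so dogs without a chip never collide on a missing value.
MICROCHIP_INDEX = {
    "keys": [(FIELD, 1)],
    "unique": True,
    "partialFilterExpression": {FIELD: {"$type": "string"}},
}


def normalise_microchip(raw: Optional[str]) -> Optional[str]:
    """Canonical form: drop spaces and separators, uppercase any letters.
    Returns None when nothing usable remains so the index ignores the record."""
    if raw is None:
        return None
    chip = re.sub(r"[^0-9A-Za-z]", "", raw).upper()
    return chip or None


class DuplicateKeyError(Exception):
    """Stand-in for the driver's duplicate-key error."""


class DogsCollection:
    """Minimal in-memory collection applying MICROCHIP_INDEX semantics."""
    def __init__(self):
        self.docs = []
        self._chips = set()

    def insert_one(self, doc: dict) -> int:
        chip = doc.get(FIELD)
        # Only string values participate in the unique index (the partial filter).
        if isinstance(chip, str):
            if chip in self._chips:
                raise DuplicateKeyError(chip)
            self._chips.add(chip)
        self.docs.append(doc)
        return len(self.docs)


def register_dog(coll: DogsCollection, name: str, raw_chip: Optional[str]) -> bool:
    """Normalise server-side (never trust the client's formatting), then insert.
    Returns False when the chip is already claimed by another record."""
    doc = {"name": name, "microchip_raw": raw_chip, FIELD: normalise_microchip(raw_chip)}
    try:
        coll.insert_one(doc)
        return True
    except DuplicateKeyError:
        return False


if __name__ == "__main__":
    dogs = DogsCollection()
    print(register_dog(dogs, "Bella", "985 141 000 123 456"))   # True
    print(register_dog(dogs, "Max", "985141000123456"))         # False: same chip
    print(register_dog(dogs, "Rex", None))                      # True: no chip
    print(register_dog(dogs, "Luna", ""))                       # True: still no chip
```

Checking uniqueness in application code before the insert is not enough on its own: two concurrent registrations can both pass the check. The database-level unique index is what closes that race, and the normaliser guarantees the index compares like with like.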
Internal controls
- Least-privilege access: only named administrators can read production data, and only via audited paths.
- Dependency updates tracked and deployed on a regular cadence.
- Code-review gate before anything reaches production.
- Secrets (API keys, signing keys) are stored in environment variables, never in source control.
Responsible disclosure
If you believe you have discovered a security issue — a vulnerability, an exposed endpoint, a data leak — please email us privately at security@armstrongk9registry.com or use our contact form before public disclosure. We commit to acknowledging reports within 3 business days and to working with good-faith researchers respectfully.
Please do not run automated scanners, brute-force authentication flows, or perform testing that could impact real users. Safe-harbour terms apply to good-faith, responsibly-disclosed research.
Breach notification
In the unlikely event of a breach affecting your personal data, we will notify affected users without undue delay and in accordance with applicable U.S. state breach-notification laws, providing details of the incident, potential impact, and mitigation steps.
