← Back to BizSuite
Security & Compliance
Last updated: May 12, 2026
1. OTP & Identity Security
Our WhatsApp Authentication Gateway utilizes enterprise-grade protocols to ensure user identity:
- Secure 6-digit numeric OTP generation.
- 10-minute expiration (TTL) for all verification codes.
- Strict rate limiting (1 request per 60s) to prevent spam.
- Account lockout after 3 failed verification attempts.
2. Data Protection (PII)
We treat Personally Identifiable Information (PII) with the highest priority:
- Encryption: All data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- Minimization: We only store data necessary for message delivery and billing.
- Isolation: Each business application (BizBooks, EventPix) operates in a strictly isolated environment.
3. WhatsApp Infrastructure
Our messaging infrastructure is built directly on the official Meta Cloud API, ensuring:
- Compliance with WhatsApp Business Policies.
- Automatic handling of user "STOP" or "Unsubscribe" requests.
- End-to-end encryption for all message payloads.
4. Audit & Monitoring
We maintain comprehensive audit logs for all technical operations, including delivery timestamps, success rates, and system performance metrics, ensuring full transparency for our business clients.