The portal server, like the SecSign ID server, is protected by multiple firewalls.
Additionally, the SecSign ID Routing Server software decomposes each incoming mobile device message and reassembles it in order to filter out any malformed content. The SecSign ID Routing Server is also the endpoint of the HTTPS encryption from the browser. Hence, the servers in our demilitarized zone (DMZ), such as the SecSign ID Server, cannot be reached directly.
The SecSign Portal is protected against attack scenarios such as SQL injection and OS injection by a web application firewall and the exclusive use of prepared statements. Flooding and DDoS attacks are hindered by successive delays.
Generally, all access takes place over HTTPS.
In this case, client and server verify all certificates. Furthermore, all documents and messages are stored on the server side in encrypted form (AES-256).
We have many years of experience with the development of security infrastructure for authorities and banks.