Security at UNOFFICIAL

We take security seriously. Your data, designs, and payments are protected with industry-leading practices.

Our Security Measures

Encrypted Data

All data in transit is encrypted with TLS/SSL. Passwords are hashed using bcrypt with salt. We never store plain-text credentials.

Secure Infrastructure

Hosted on enterprise-grade cloud providers with 24/7 monitoring, automatic backups, and DDoS protection.

Access Controls

Role-based permissions ensure only authorized personnel can access sensitive data. All admin actions are logged.

Regular Audits

We conduct regular security audits, penetration testing, and code reviews to identify and fix vulnerabilities.

Payment Security

We never store your credit card information. All payments are processed through PCI-DSS compliant partners:

  • Paystack: Licensed by the Central Bank of Nigeria
  • Flutterwave: ISO 27001 certified payment processor

Your payment details go directly to these processors - we only receive confirmation tokens.

Design Protection

Multi-Layer Protection System

  • Visible Watermarks: All voting displays show UNOFFICIAL watermarks to prevent theft
  • Invisible Watermarks: Steganographic encoding embeds your submission ID in the image file
  • Low-Res Display: Voting galleries show compressed versions - high-res files stay protected
  • Right-Click Protection: Basic protection against casual copying
  • DMCA Tools: Automated takedown request generation for infringement

Account Security Tips

Do:

  • ✓ Use a strong, unique password (12+ characters with mixed case, numbers, symbols)
  • ✓ Log out when using shared devices
  • ✓ Keep your email secure (it's your account recovery method)
  • ✓ Report suspicious activity immediately

Don't:

  • ✗ Share your password with anyone (we'll never ask for it)
  • ✗ Use the same password across multiple sites
  • ✗ Click suspicious links in emails claiming to be from UNOFFICIAL
  • ✗ Access your account on public WiFi without a VPN

Reporting Vulnerabilities

Found a Security Issue?

We appreciate responsible disclosure. If you discover a security vulnerability, please email:

security@unofficialng.com

Include: detailed description, steps to reproduce, potential impact, and your contact info. We'll respond within 48 hours.

Security Questions?

For general security inquiries, contact security@unofficialng.com