Security & Privacy at Brianni
Learn how Brianni protects your digital assets and ensures only your chosen recipients can access them.
Your Privacy is Absolute
Brianni is built on a fundamental principle: we cannot access your data, ever. Our zero-knowledge architecture ensures that even if our systems were compromised, your digital legacy remains meaningless encrypted data without your personal keys.
Zero-Knowledge
We never see your content
Client-Side Encryption
Secured on your device
Your Keys Only
Only you control access
Multi-Layer Security Architecture
Layer 1: Advanced Authentication
Multiple secure authentication methods protect your account from unauthorized access.
Authentication Options:
- Passkeys with biometric verification
- OAuth with Google and Apple
- Passwordless email authentication
- Multi-factor authentication support
Security Features:
- Session management and monitoring
- Device fingerprinting protection
- Automatic session expiration
- Suspicious activity detection
Layer 2: Vault-Level Encryption
Your vault is encrypted and only you can unlock it.
Encryption Standards:
- AES-256 encryption for data at rest
- Client-side key generation
- 12-word mnemonic recovery system
- Hardware security module integration
Key Protection:
- Master keys never leave your device
- Secure key derivation algorithms
- Biometric key unlocking via passkeys
- Automatic key rotation protocols
Layer 3: Recipient Package Protection
Each package has its own encryption that only the intended recipient can unlock.
Challenge Security:
- Personal question verification
- Answer-based key derivation
- Multiple attempt protection
- Time-locked access controls
Distribution Control:
- Executor verification requirements
- Official document validation
- Automated secure delivery
- Access attempt monitoring
Infrastructure & Operational Security
Cloud Security
- Enterprise-grade infrastructure
- Encrypted data transmission (TLS 1.3)
- Geographic data redundancy
- Regular security audits
- SOC 2 compliance standards
Network Protection
- DDoS protection and mitigation
- Web application firewalls
- Rate limiting and throttling
- IP whitelisting capabilities
- Real-time threat monitoring
Data Protection
- GDPR and privacy law compliance
- Right to data portability
- Secure data deletion protocols
- Minimal data collection principles
- Regular data protection assessments
Access Controls
- Role-based access management
- Principle of least privilege
- Regular access reviews
- Employee security training
- Secure development lifecycle
Your Security Responsibilities
Partnership in Security
Your digital legacy's protection depends on following these practices:
Recovery Phrase Security
- Store your 12-word phrase offline only
- Write it on paper, never digitally
- Keep copies in multiple secure locations
- Never share it with anyone, ever
- Consider using a safety deposit box
Account Protection
- Set up passkeys on all your devices
- Use strong, unique passwords if needed
- Enable notifications for account activity
- Regularly review your security settings
- Log out from public or shared devices
Continuous Security Monitoring
Real-Time Alerts
Immediate notifications for suspicious account activity, failed login attempts, and security-relevant events.
Security Auditing
Comprehensive logging and monitoring of all system access, with regular third-party security assessments.
Threat Response
Automated threat detection with rapid response protocols to protect your digital legacy from emerging threats.
Open About Our Security
We believe in transparency about our security practices. While we can't reveal specific implementation details that could be exploited, we're committed to being open about our security philosophy and approach.
What We Share:
- Security architecture principles
- Encryption standards we use
- Compliance certifications
- Third-party security assessments
What We Protect:
- Specific implementation details
- Security vulnerability information
- Internal system architectures
- Sensitive operational procedures
Questions About Security?
Our security team can answer your questions about how we protect your data.