Security and Trust

POShield is built for organizations that take security seriously. This page provides the information your security team needs to evaluate POShield.

Questions? Contact our security team at security@poshield.com

Personal Data: Encrypted. Field-level encryption on all personal data.
Email Content: Never Read. Extension only checks sender address.
Blockchain: Immutable. Tamper-proof verification records.

Field-Level Encryption

All personal data is encrypted at the application level before database storage. Even in the event of a database breach, personal data remains encrypted and unreadable.

Unlike traditional database encryption where keys are stored alongside the data, POShield encrypts all personal information (names, email addresses, organization details) at the application level using AES encryption. The encryption keys are stored separately from the database and are never accessible to the database host.
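
An illustration of the field-level pattern described above, added here as an example and not POShield's own code. It assumes AES-256-GCM (the page says only "AES"), a key supplied from outside the database, and hypothetical column names.

```javascript
const { createCipheriv, createDecipheriv, randomBytes } = require("node:crypto");

const ALG = "aes-256-gcm"; // assumption: mode and key size are not stated on the page

// The key comes from a secret store or environment, never from the database.
function loadKey(b64) {
  const key = Buffer.from(b64, "base64");
  if (key.length !== 32) throw new Error("field key must be 32 bytes");
  return key;
}

// Encrypt one value. A fresh 96-bit IV per value means equal plaintexts give
// different ciphertexts; the column name is bound in as AAD so a ciphertext
// copied into another column fails authentication.
function encryptField(key, column, plaintext) {
  const iv = randomBytes(12);
  const cipher = createCipheriv(ALG, key, iv);
  cipher.setAAD(Buffer.from(column, "utf8"));
  const ct = Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]);
  const parts = [iv, cipher.getAuthTag(), ct].map((b) => b.toString("base64"));
  return ["v1", ...parts].join(".");
}

function decryptField(key, column, stored) {
  const [ver, iv, tag, ct] = stored.split(".");
  if (ver !== "v1") throw new Error("unknown envelope version");
  const d = createDecipheriv(ALG, key, Buffer.from(iv, "base64"));
  d.setAAD(Buffer.from(column, "utf8"));
  d.setAuthTag(Buffer.from(tag, "base64"));
  // final() throws if the tag, AAD, key or ciphertext does not match.
  return Buffer.concat([d.update(Buffer.from(ct, "base64")), d.final()]).toString("utf8");
}

// Hypothetical column names. Only personal fields are sealed; non-personal
// fields such as the organization domain stay in plaintext.
const PERSONAL = new Set(["admin_name", "admin_email", "org_name", "buyer_name", "buyer_email"]);

function sealRow(key, row) {
  const out = {};
  for (const [col, val] of Object.entries(row)) {
    out[col] = PERSONAL.has(col) ? encryptField(key, col, val) : val;
  }
  return out;
}
```

A reviewer evaluating a design like this would ask where the key lives, who can read it, and how it is rotated, since those determine what a database-only breach exposes.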

Data We Collect and Why

| Data Type | Purpose | Stored Where | Encrypted? |
| --- | --- | --- | --- |
| Admin name and email | Verify admin identity | Supabase (US West) | Yes |
| Organization name and domain | Identify the organization | Supabase (US West) | Name: Yes / Domain: No |
| Buyer names and emails | Identify authorized purchasers | Supabase (US West) | Yes |
| Spending limits and roles | Display purchasing authority | Supabase (US West) | No (non-personal) |
| Cryptographic hashes | Verification lookups | Arbitrum blockchain | Hashed (irreversible) |
| OAuth token | Verify admin status | Session only (not stored) | Not retained |

Browser Extension Security

The POShield browser extension is installed by resellers, MSPs, and manufacturers. It operates with strict privacy constraints designed to pass enterprise security review:

Minimal data access

Only reads sender email addresses visible on screen. Does not access email content, attachments, contacts, or calendar.

Local-only hashing

Email addresses are converted to irreversible hashes inside the browser. Actual email addresses never leave the device.

Domain-filtered checks

Only queries the verification registry for domains registered on POShield. All other emails are completely ignored.

No tracking or analytics

The extension does not track browsing activity, email reading patterns, or any user behavior.

Read-only blockchain queries

Verification checks are read-only calls to a public blockchain. No data is written, and no record of the query exists.

No background data collection

The extension is only active when Gmail or Outlook Web is open. It does not run in the background.
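
A sketch of how the domain filter and local hashing described above fit together, added here as an example and not the extension's own code. It assumes SHA-256 over the lowercased address (the page does not name the hash), uses Node's crypto module so it runs offline, and the domain list and function names are hypothetical.

```javascript
const { createHash } = require("node:crypto");

// Accepts "Display Name <addr@domain>" or a bare address and returns the
// lowercased address and domain, or null if it does not look like an address.
function normalizeSender(raw) {
  const m = /<([^<>]+)>\s*$/.exec(raw);
  const addr = (m ? m[1] : raw).trim().toLowerCase();
  const at = addr.lastIndexOf("@");
  if (at <= 0 || at === addr.length - 1 || /\s/.test(addr)) return null;
  return { address: addr, domain: addr.slice(at + 1) };
}

// Decide what, if anything, leaves the device for one visible sender.
// registeredDomains is a Set of exact domain names; exact matching (not a
// suffix test) keeps a lookalike such as "notexample-district.test" from
// being treated as "example-district.test".
function buildLookup(rawSender, registeredDomains) {
  const sender = normalizeSender(rawSender);
  if (!sender) return { action: "ignore", reason: "unparseable" };
  if (!registeredDomains.has(sender.domain)) {
    return { action: "ignore", reason: "unregistered-domain" };
  }
  // Only the digest is placed in the outgoing query, never the address.
  const digest = createHash("sha256").update(sender.address, "utf8").digest("hex");
  return { action: "query", domain: sender.domain, lookupKey: "0x" + digest };
}

// Constructed sample data for a stand-alone run.
const SAMPLE_DOMAINS = new Set(["example-district.test"]);
const SAMPLE_SENDERS = [
  "Pat Buyer <Pat.Buyer@Example-District.test>",
  "newsletter@unrelated.example",
];
const sampleResults = SAMPLE_SENDERS.map((s) => buildLookup(s, SAMPLE_DOMAINS));
```

When reviewing an extension built this way, the outgoing request for a registered sender should contain only the lookup key, and no request at all should be made for unregistered domains.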

OAuth Permissions Explained

When an administrator verifies their organization through Google Workspace, POShield requests the following OAuth scopes:

openid

Confirms the user is who they say they are.

Basic authentication. No data access.

email

Retrieves the admin's work email address.

Email address only. Does not access inbox or email content.

profile

Retrieves the admin's name.

Display name only. Does not access contacts or other profile data.

admin.directory.user.readonly

Checks whether the user has admin privileges.

Admin status only (yes/no). Does not read user directories or any organizational data.

Infrastructure Security

Database hosting: Supabase (SOC 2 Type II certified), US West region
Data encryption: Field-level AES encryption at application layer, plus AES-256 at rest
Blockchain: Arbitrum L2 (Ethereum-secured), decentralized and immutable
Authentication: Google OAuth 2.0 / Microsoft OAuth 2.0 (industry-standard)
Data in transit: TLS 1.2+ encryption on all connections
Database security: Row Level Security (RLS) policies on all tables
Smart contract: Professional audit before mainnet deployment, multi-signature wallet ownership
Code repository: Private repositories with access controls

Blockchain Verification

  • Immutability. Once a verification is recorded, it cannot be altered or deleted by anyone, including POShield. This prevents fraud through record manipulation.
  • Transparency. The verification registry is publicly auditable. Any party can independently verify that a buyer credential is legitimate.
  • Privacy by design. Only cryptographic hashes are stored on-chain. These cannot be reversed to reveal original email addresses or personal information.
  • Decentralization. Verification data exists across thousands of nodes in the Ethereum/Arbitrum network, not on a single server that could be compromised.

For Education Customers

Additional compliance information for K-12 schools and educational institutions:

FERPA Compliance

POShield does not collect, store, access, or process any student education records or student personally identifiable information (PII) as defined by FERPA, 20 U.S.C. 1232g. Our service exclusively handles adult administrator and purchasing staff verification data.

SOPIPA Compliance (California)

POShield complies with the Student Online Personal Information Protection Act, California Business and Professions Code 22584-22584.5. We do not use data for advertising, do not sell personal information, do not create student profiles, implement reasonable security measures, and will delete data upon request.

POShield is prepared to execute Data Privacy Agreements (DPAs) with school districts, including the SDPC National Data Privacy Agreement template.

Security FAQ

Does POShield read email content?

No. The extension only reads the sender's email address, which is already visible on screen. It never accesses subjects, body text, attachments, or any other email data.

What happens if your database is breached?

All personal data is encrypted at the application level before storage. Even if the database is compromised, the data remains encrypted and unreadable. Encryption keys are stored separately from the database.

What data is on the blockchain?

Only cryptographic hashes. These are irreversible and cannot be used to determine the original email addresses or personal information. No readable personal data exists on the blockchain.

Is POShield FERPA compliant?

Yes. POShield does not access any student education records or student PII. We exclusively handle adult staff verification data. We are prepared to execute DPAs with school districts.

What happens if we want to leave POShield?

We will delete all personal information from our database within 30 days. Buyer credentials on the blockchain will be deactivated. Blockchain hash records cannot be deleted but contain no personal information.

What Google Workspace data does POShield access?

Only two things: the administrator's email address and name, and whether they have admin privileges (a yes/no check). We do not access email content, documents, calendars, contacts, or directories.

Where is data stored?

Personal information is stored in Supabase (SOC 2 Type II certified) in the US West region. Verification hashes are stored on the Arbitrum blockchain.

Do you have SOC 2 certification?

POShield is building toward SOC 2 Type I certification. Our infrastructure provider (Supabase) is SOC 2 Type II certified. We follow SOC 2-aligned security practices. Contact security@poshield.com for our current security documentation.

What is your breach notification process?

In the event of a data breach, POShield will notify affected organizations within 72 hours of discovery, including the nature of the breach, data involved, containment steps, and recommended actions.

Can we conduct a security review before adopting POShield?

Absolutely. We welcome security reviews and are happy to answer technical questions, provide documentation, or participate in vendor assessment processes. Contact security@poshield.com.

Security Contact

POShield Security

Email: security@poshield.com

DPA Requests: dpa@poshield.com

We respond to security inquiries within 2 business days.