Email and application security
Out of the box, INBOXNotify supports opportunistic TLS for all outbound email, ensuring messages are encrypted in transit to remote mail servers and ISPs who support TLS. Gmail lists us as delivering 100% of our email via TLS. Combining this with full HTTPS and TLS support on our SMTP and API endpoints provides safe passage for messages flowing through INBOXNotify.
We also fully support and encourage use of email standards like DKIM, SPF, and DMARC, giving you control over your domain’s reputation and reducing the risk of email spoofing.
We host our servers in one of the most impressive data centers in the country, a Type 2 SSAE 16 SOC 1 accredited facility. In addition, our systems are regularly tested using both automated systems and manual audits from respected security firms.
We partner with Stripe to manage payments on INBOXNotify. Stripe is certified as a PCI Level 1 Service Provider. INBOXNotify does not have access to customers’ credit card data at all.