Security

TownPay is built security-first. Here's how we protect your funds and data.

End-to-end encryption

All data in transit is encrypted with TLS 1.3. Data at rest is encrypted using AES-256 on Supabase-managed infrastructure hosted in AWS.

Escrow isolation

Funds held in escrow are isolated from operating accounts. No funds can be released without meeting the cryptographically verified conditions agreed to at payment creation.

Stripe for card processing

TownPay never touches raw card data. All card payments are handled by Stripe, a PCI DSS Level 1 certified payment processor. We store only tokenized payment references.

Row-level security

Every database query is scoped to the authenticated user via Supabase Row Level Security. Users cannot access or modify data belonging to other users — ever.

Webhook signature verification

All Stripe webhooks are verified using HMAC-SHA256 signatures before any state change is committed. Replayed or tampered events are rejected.

Secure session management

Sessions use short-lived JWTs issued by Supabase Auth. You can sign out all other sessions from Settings → Security at any time.

TrustProof receipts

Every completed transaction generates a SHA-256 receipt hash that can be used to independently verify the transaction record. Receipts are immutable once issued.

Admin key isolation

Service-role (admin) credentials never leave the server. No privileged key is bundled into client JavaScript or accessible from the browser.

Report a vulnerability

If you discover a security issue, please contact us at security@townpay.com. We take all reports seriously and aim to respond within 24 hours. We do not pursue legal action against good-faith researchers.