BrightspaceQ: How Secure?
Hi,
Do you have any independent security audits by reputable experts that verify objectively that your app is secure?
It's one thing for the vendor to say it's safe but that's not so reassuring eg. Kaspersky antivirus
Also even if it was verified as secure at a point in time, how do users know that it remains secure after updates?
Finally with all the encryption and fragmenting of storage - how reliable is it, I mean does it break? If so the users have lost everything?
how would you compare to say PasswordBoss ( a competitor who sold here also)
thanks & GLWS
MertBaser_TransferChain
Feb 16, 2026A: Hi Brightspace,
1) Yes, we conduct continuous internal security testing and annual third-party penetration tests. For sharing the business-approved audit reports, we require an NDA, after which our latest audit partner issues an individualized report.
2) Data Security:
✔️ Client-side & end-to-end encryption — passwords are encrypted before leaving your device (not hashed)
✔️ Data fragmentation — encrypted data is split into pieces on your device
✔️ Distributed storage — fragments are stored across multiple cloud providers
✔️ Blockchain-based authorization — ensures the highest security and control
3) Zero-Knowledge Architecture Is Version Independent
- Even if an update introduced a bug, TransferChain:
- Never stores master keys
- Never stores decrypted data
- Never holds full unfragmented objects
- Cannot reassemble data server-side
So updates cannot silently introduce custodial access, because the architecture does not allow it.
This is not policy-based security.
It is protocol-level restriction.
4) As I checked quickly , Password Boss encrypts data but stores it centrally.
TransferChain eliminates single storage custody entirely through fragmentation + multi-cloud distribution.
This is architectural-level superiority, not just algorithm choice.
Best regards,
— Mert | TransferChain 🔐
Thank you for your response Mert, it sounds very impressive, I appreciate the architechtural superiority. What about reliability?
I understand your NDA requirement for your audit partner's report.
Please tell me the name of your third party auditor, I'm willing to sign the NDA to see the report, please advise how we can progress this, Thanks
Verified purchaser
Hi Brightspace,
Please feel free to send a quick email to [email protected] so we can arrange a call and walk through everything in a transparent and detailed manner. I’ll be happy to address all your questions directly and guide you through the next steps regarding the NDA and our annual third-party security audits.
Looking forward to connecting.