Our Commitment to Security
Roger1 takes the security of your account and data seriously. We implement industry-standard practices to protect the information you entrust to us.
Account Security
- Password hashing — passwords are stored using bcrypt hashing. We never store your plaintext password.
- Two-factor authentication (2FA) — we offer TOTP-based 2FA. We strongly recommend enabling it in your account settings.
- Session management — authenticated sessions are protected with CSRF tokens and expire automatically after inactivity.
Data Security
- Encryption in transit — all communication between your browser and our servers uses HTTPS (TLS 1.2+).
- Minimal data collection — we collect only what is necessary to operate the service, reducing your exposure in the event of a breach.
- IP anonymisation — IP addresses in our logs are hashed and not stored in plaintext.
Payment Security
All payments are processed via cryptocurrency. We never handle credit card numbers, bank account details, or other sensitive financial data. Cryptocurrency transactions are processed by our payment providers and we only receive confirmation of payment amounts.
eSIM Security
- eSIM QR codes and activation credentials are delivered over HTTPS and tied to your order.
- eSIM profiles are one-time-use. Once installed, the same code cannot be used again.
- If you suspect your eSIM has been compromised, contact support immediately.
Responsible Disclosure
If you discover a security vulnerability in our platform, please report it responsibly to us at support{{ strtolower(str_replace(' ', '', config('app.name'))) }} before public disclosure. We appreciate the security community's efforts and will respond promptly.
Your Responsibilities
- Use a strong, unique password for your account.
- Enable 2FA in your account settings.
- Do not share your order link or eSIM QR code with others.
- Contact us immediately if you believe your account has been compromised.
