Security & Cryptography

Data in Transit

All data transmitted between your browser and Huckle is encrypted using TLS 1.2 or higher. This includes all API requests, file uploads, and webhook communications.

Data at Rest

All data stored by Huckle is encrypted at rest using AES-256 encryption, including databases and file storage. Encryption keys are managed by our cloud infrastructure providers.

Authentication

Passwords are securely hashed using industry-standard algorithms. Plaintext passwords are never stored or logged.
Authentication tokens are cryptographically signed and verified on every request.
Multi-factor authentication is available for all user accounts.

Password Requirements

Minimum 12 characters
At least 1 uppercase letter
At least 1 numeric digit
At least 1 special character

API Key Security

API keys are generated using cryptographically secure methods and hashed before storage. Plaintext API keys are never retained after initial issuance. API keys can be revoked at any time by account administrators.

Payment Security

Payment processing is handled by a PCI DSS Level 1 compliant provider. Sensitive payment information (card numbers, CVVs) never touches Huckle’s servers.

Secrets Management

All application credentials are stored in a dedicated secrets management service. Secrets are never stored in source code or version control.

Infrastructure

Huckle runs on managed cloud infrastructure from providers that maintain SOC 2 Type II certification. All services enforce HTTPS.

Key Rotation

Cryptographic keys and application credentials are rotated on a regular schedule in accordance with our internal key management policy.

​Data in Transit

​Data at Rest

​Authentication

​Password Requirements

​API Key Security

​Payment Security

​Secrets Management

​Infrastructure

​Key Rotation