Your data stays private. Every action is proven.
You choose who reads your data. Every delivery carries cryptographic proof. Every record is permanent.
You store customer events.
Some contain personal data.
Some are regulated.
You can read all of them.
Your customers do not know that.
One breach exposes everyone.
Encryption at rest is not enough.
You need zero knowledge infrastructure.
npayload gives you exactly that.
Three privacy modes
Choose per channel who can read what. From standard encryption to full zero knowledge.
Standard
TLS in transit, encryption at rest. npayload can read data for routing and logging.
Hybrid
Payload is encrypted client side. npayload sees only routing metadata. Content stays unreadable.
Zero Knowledge
Everything is encrypted before it leaves your device. npayload delivers an opaque blob. It never holds the keys.
Stolen credentials are useless.
DPoP binds every token to the device that created it. Intercepted tokens cannot be reused.
Generate
Your device generates an asymmetric key pair. The private key never leaves the device.
Bind
The OAuth token is bound to the device public key. Transfer is impossible.
Sign
Every request is signed with the private key. URL, method, and timestamp are included in the proof.
Verify
npayload verifies the signature at delivery. Stolen token without the key? Rejected immediately.
Every action leaves a permanent, verifiable record.
Every event, every token verification, every signed delivery, and every key rotation is recorded in a hash chain. Altering any record breaks the chain visibly. SOC 2, GDPR, and HIPAA auditors get exactly the proof they need. Nobody can alter or delete a record after the fact.
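How a hash chained log makes alteration visible, as an added example that is not npayload's own code: the record layout, field names, SHA-256 and the all-zero genesis value are assumptions, and the sample events are constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed anchor value for the first record


def record_hash(prev_hash, event):
    """Hash the previous link together with a canonical encoding of the event."""
    body = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + b"\n" + body).hexdigest()


def append(chain, event):
    """Append an event, linking it to the hash of the last record."""
    prev = chain[-1]["hash"] if chain else GENESIS
    chain.append({"prev": prev, "event": event, "hash": record_hash(prev, event)})


def verify(chain, expected_head=None):
    """Return -1 if the chain is intact, else the index of the first bad record.

    expected_head is a head hash kept outside the log. Without it, records
    cut from the end (or a fully rewritten chain) still verify.
    """
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["prev"] != prev or rec["hash"] != record_hash(prev, rec["event"]):
            return i
        prev = rec["hash"]
    if expected_head is not None and prev != expected_head:
        return len(chain)  # tail was truncated, extended or rewritten
    return -1


def build_sample():
    """Constructed sample events, one per record type named in the text."""
    chain = []
    for ev in (
        {"type": "token.verified", "actor": "device-a"},
        {"type": "delivery.signed", "channel": "orders"},
        {"type": "key.rotated", "key_id": "k2"},
    ):
        append(chain, ev)
    return chain
```

Editing a record and recomputing its own hash only moves the break to the next record; truncation is caught only when the head hash is anchored somewhere the log writer cannot change.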
Your data stays in your region.
Physically separate infrastructure per region and per organization. No shared state between tenants.
Dedicated Cell
Each organization gets its own cell with separate database, encryption keys, and compute resources.
Regional Isolation
Data stays in the region your regulators require. No transfer without explicit bilateral consent.
Cross Region Consent
Flows between regions require mutual agreement from both parties. The audit trail records every authorization and every revocation.
Before and after npayload Security
Without npayload
- Data stored in plaintext on shared infrastructure
- Stolen tokens work from anywhere
- Audit logs can be modified
- No control over data location
- Compliance takes 6+ months to prove
- One breach exposes everyone
With npayload
- Three privacy modes per channel
- DPoP binds tokens to devices
- Hash chained tamper proof audit
- Regional data residency enforced
- SOC 2, GDPR, HIPAA, ISO 27001 mapped
- Dedicated cell per organization
npayload vs. building security yourself
| Feature | npayload | Build it yourself |
|---|---|---|
| Three privacy modes | | Months of work |
| Device bound authentication | | Weeks of work |
| Tamper proof audit trail | | Months of work |
| Regional data residency | | Complex infrastructure |
| Dedicated cell per tenant | | Expensive to build |
| SOC 2, GDPR, HIPAA, ISO 27001 | | 6+ months of work |
| Consent based cross org sharing | | |
| HMAC signed deliveries | | Days of work |
| Audit streaming to GRC | | Months of work |