Security Policy

Best practices to follow

We have always placed your security first on SkorLife. To ensure maximum security, we have made a simple list of security to-do's you can follow:

• Never divulge your personal bank details like card number, CVV, PIN, and OTP in any medium, including calls, texts, or emails. we will never, ever ask you for any of the sensitive details mentioned above.
• We will never call you and ask to do any payment transaction on the app or install any remote access software such as Teamviewer, Anydesk, etc. Never respond to such emails, texts, or phone calls.

Privacy Practices

We do not sell your personal information to or share it with unaffiliated third parties for their own advertising or marketing purposes without your explicit consent.

Check out our Privacy Policy for more information

Data Security

We employ separation of environments and segregation of duties and have strict role-based access control on a documented, authorized, need-to-use basis

We use key management services to limit access to data except the data team

Stored data is protected by encryption at rest and sensitive data by application level encryption

We use data replication for data resiliency, snapshotting for data durability and backup/restore testing for data reliability.

Incident and Change Management

We have deployed mature processes around Change Management which enables us to release thoroughly tested features for you both reliably and securely enabling you to enjoy the SkorLife experience with maximum assurance

We have a very aggressive stance on Incident Management on both Systems downtime and Security and have a Network Operations Center and an Information Security Management System in place which quickly reacts, remediates or escalates any Incidents arising out of planned or unplanned changes.

Vulnerability Assessment and Penetration Testing

We have an inhouse network security team which uses industry leading products to conduct manual and automated VA/PT activities

We employ both static application security testing and dynamic application security testing which is incorporated into our continuous integration / continuous deployment pipeline

We also leverage CERT-IN certified auditors to do periodic external security testing and audits.

Standards and Certifications

We are an ISO 27001:2013 and ISO 27701:2019 certified company and have implemented required Information Systems Management System policies and procedures in order to maintain industry standard best practices and applicable controls.

Responsible Disclosure

We at SkorLife are committed about our customer's data and privacy

We blend security at multiple steps within our products with state of the art technology to ensure our systems maintain strong security measures

The overall data and privacy security design allows us defend our systems ranging from low hanging issue up to sophisticated attacks