How MediaKoi Protects Your Data

At MediaKoi, we treat your data with an extreme level of care. Our security philosophy is based on "Minimization"—we don't store what we don't need, and we protect what we do.

1. A Passwordless Future

We believe the most secure password is the one that doesn't exist. MediaKoi does not store passwords, which protects our users from common "credential stuffing" attacks.

  • Dynamic Authentication: When you request to log in, we generate a randomized, short-lived pincode delivered to your authorized email.
  • Security by Expiration: These codes are valid for a limited window and are instantly invalidated after use, ensuring that your account access remains in your hands.

2. Encryption at Every Stage

Whether your data is moving or staying still, it is invisible to unauthorized parties.

  • In Transit: All data moving between your browser and our platform is encrypted using industry-standard SSL/TLS protocols.
  • At Rest: All stored data, including database records and creative assets, is encrypted at rest using AES-256 or higher. This ensures your information is unreadable without the underlying encryption keys.

3. Serverless Architecture

MediaKoi is built on a fully serverless infrastructure. Unlike traditional platforms that run on 24/7 servers (which can be vulnerable to operating system exploits), our platform code only executes when a request is made.

  • Reduced Attack Surface: There is no persistent server infrastructure for a malicious actor to "break into" or install malware on.
  • Managed Security: By leveraging world-class providers, we inherit their multi-billion dollar security and physical safety certifications.

4. Your Data, Your Control

We believe in the "Right to be Forgotten." If you choose to close your MediaKoi account, we ensure your data is scrubbed from our systems.

  • Account Deletion: Customers can request full account deletion by contacting our support team. Once the request is processed, we will provide a final email confirmation that your data has been permanently removed from our encrypted storage.