Security at AgroForth
This page is maintained by AgroForth to describe the controls protecting your farm, finance and identity data. It is not an independent certification.
Encryption everywhere
TLS 1.2+ for every request. Database and media storage are encrypted at rest.
Modern authentication
Email/password with strong hashing, Google sign-in, and JWT-based sessions managed by our auth provider.
Row-level security
Every table enforces row-level policies so one account can never read or write another's data.
Managed, hardened infra
Backend runs on managed cloud infrastructure with automated backups, patching and network isolation.
PCI handled by Paystack
Card data never touches our servers — payments are tokenised and processed by Paystack.
Continuous scanning
Automated security scans run against the codebase and database policies on every change.
Shared responsibility
AgroForth secures the platform: infrastructure, code, database policies and payment integration. You secure your account: use a strong unique password, keep your phone locked, and never share OTPs or screenshots of your login.
Responsible disclosure
Found a vulnerability? Please email security@agroforth.com with steps to reproduce. We will acknowledge within 72 hours and work with you on a fix. Please do not publicly disclose until we have shipped a patch.
security@agroforth.com