. But, you may be wondering if this information is kept securely, to prevent unintentional sharing as well.
When you upload an identification document, credit card, vehicle, or even just your account password, you are trusting us to keep this information secure. We respect this trust and take the task seriously. To this end, we have spent considerable resources to being able to offer the best protection commercially available.
All web traffic through SKRT, https://skrt.com.tw/, and all other web services we offer, is only accepted through a secure HTTPS connection. To verify you are on an HTTPS connection, look for the "lock" icon in the URL bar of your browser.
Documents such as your National ID, Passport, and Driving License are stored on an encrypted server, separate from our application environment, with security policies in place such that only our application server can communicate with the document server. Each file has a permission set, ensuring you are the only one who can see your ID, Passport, etc.
We use TapPay, a PCI DSS compliant company, to process all credit card transactions. When you enter a credit card on our system, it goes directly through TapPay, without touching our servers, and we receive only a secure token representing your card. If hackers were to obtain this token, it does not contain any useful information and cannot be used to defraud you.
Similar to Personal Documents, all Vehicle Documents are stored on a separate encrypted server and are only viewable by the user with the correct access permissions. We will never share this data.
We have all seen the news of companies having their database compromised and user passwords leaked. This is not the sort of press we are trying to achieve with SKRT! Passwords and login cookies are cryptographically signed and salted, with no plaintext sensitive information being stored in our database.
These policies are effective as of June 1, 2019. This document was updated August 31, 2020.