Security and Subprocessors
Version security-2026-06-16. Effective 16 June 2026.
1. Security summary
- Tenant data is logically separated by customer ID.
- Administrative access is controlled by Firebase Authentication and Firestore rules.
- Secrets and managed credentials are designed to use encrypted storage and cloud secret services.
- Audit logs record security-relevant console, device, and account activity.
- Device-side offline unlock data is encrypted locally and should be cleared on user switch/logout.
2. Current subprocessors and platform services
| Provider | Purpose | Notes |
|---|---|---|
| Google Firebase / Google Cloud | Authentication, Firestore database, Cloud Functions, Hosting, Storage, Secret Manager, logs. | Main ShareDroid cloud platform. |
| AWS Rekognition | Optional face liveness and face matching features. | Used only where facial authentication is enabled. |
| Microsoft Entra ID / Microsoft Graph | Customer identity integration, password reset, user validation, shared-device workflows. | Used when configured by the customer. |
| Stripe | Hosted checkout and subscription billing. | Used when paid checkout is enabled. |
| Cloudflare | DNS, routing, caching, and edge security for public web properties. | May process technical request metadata. |
3. Customer configuration risk
Security depends on correct customer configuration, including Entra permissions, MDM policies, device enrolment, administrator roles, app profiles, allowed apps, emergency access, and offline mode settings.
4. Reporting security issues
Report suspected vulnerabilities or security incidents to support@sharedroid.com.