Secure site

How we keep your information safe

As we hold sensitive information, it's critical that we keep that data secure.

AssetInheritance runs on Amazon Web Services so your data sits on infrastructure operated by one of the major global cloud providers. We also apply further process and application controls so that your information is protected.

1. Encryption - fast, secure encryption, plus built-in tamper detection

We use AES (Advanced Encryption Standard) which is a widely used encryption standard adopted globally for protecting sensitive information. AES-256-GCM is an authenticated encryption algorithm. It provides both:

Confidentiality (keeps data secret)
Integrity & authenticity (ensures data isn’t altered and verifies the sender

How it works

AES-256: A symmetric cipher using a 256-bit key to encrypt data.
GCM mode
- Ensures data confidentiality, integrity, and authenticity, detecting any tampering
  - Uses counter mode (CTR) for fast encryption.
  - Adds a Galois field hash to generate an authentication tag

2. Portal Access and Login

Signing in requires both a password and multi-factor authentication (One Time Passcode) to verify your identity. This helps prevent unauthorised access, even if a password is guessed or compromised.

We enforce complex passwords to help ensure bots cannot 'guess' your password.

3. Documents

We do not allow you to upload your documents onto the portal to futher reduce any security risk.

4. Card data

We do not store your payment card details. This sits with the payment provider STRIPE.

5. Still Worried?

If you are still worried about security, then use the portal for it's main reason as a list of the assets and liabilities for probate. You do not have to enter fields that you feel are too sensitive, just the ones that are enough for a Will Executor to contact the companies e.g.:

For a savings account, if you enter the Bank Name and Sort Code.
For an investment account, the name of the company and a masked account number such as XXX1234