Security You Can Trust
When you're remotely accessing vehicles and programming ECUs, security isn't optional. It's foundational.
End-to-End Encryption
Every connection uses AES-256 encryption. Data is encrypted on the sender's device and only decrypted on the receiver. Not even IgniteRemote servers can read your session data.
Multi-Factor Authentication
Protect your account with TOTP-based multi-factor authentication. Require MFA for all organization members to prevent unauthorized access.
Role-Based Access Control
Define granular permissions for team members. Control who can initiate sessions, manage devices, view audit logs, and administer the organization.
Session Audit Logging
Every session is logged with timestamps, participants, duration, and actions taken. Export logs for compliance reporting and internal review.
Digitally Signed Software
All IgniteRemote binaries are signed with an EV code signing certificate. Verify the authenticity and integrity of every download.
Privacy by Design
We collect only what's necessary to operate the service. Session data is never stored on our servers. Your USB data flows peer-to-peer when possible.
Infrastructure Security
Signaling Servers
Our signaling infrastructure runs on hardened cloud servers with automatic failover. Connection metadata is encrypted in transit and at rest.
TURN/STUN Relay
When peer-to-peer connections aren't possible, encrypted relay servers ensure connectivity. Relay servers never decrypt session data.
API Security
All API endpoints require authentication via JWT tokens. Rate limiting, input validation, and CORS policies protect against abuse.
Data Residency
Session data flows directly between peers when possible. When relay is needed, we use geographically distributed servers to minimize latency.
Compliance Roadmap
We are actively working toward industry-standard compliance certifications.