Security & Reliability
How we protect tenant data, payments, webhooks, storage, and operations.

Visual direction
Security is part of the product design
The platform handles payments, staff permissions, tenant data, public QR links, webhooks, exports, and customer data, so security must be designed and tested from day one.
Tenant isolation
Restaurant A cannot read or modify Restaurant B's data through API parameters, direct URLs, realtime channels, or exports: every query is scoped to the tenant of the authenticated session, never to an identifier supplied by the client.
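As an added example (not the platform's own code) of what that scoping looks like in application code, the block below contrasts an unscoped lookup, which leaks another tenant's order by id, with the tenant-scoped lookup, export and realtime-channel check. The in-memory SQLite schema, the rows, the Session type and the channel-name format are all assumptions constructed for the example; the real system would keep the same shape with its own database.

```python
# Added example (not the platform's code): tenant-scoped data access.
# The SQLite schema and rows are constructed for the example; the
# restaurant_id on Session is assumed to be set by authentication from the
# user's membership, never taken from the request.
import sqlite3
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Session:
    user_id: int
    restaurant_id: int  # tenant of the authenticated user, not a request parameter


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two restaurants with one order each."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, "
        "restaurant_id INTEGER NOT NULL, total_cents INTEGER NOT NULL)"
    )
    db.executemany(
        "INSERT INTO orders VALUES (?, ?, ?)",
        [(1, 100, 2500), (2, 200, 4100)],
    )
    return db


def get_order_unscoped(db: sqlite3.Connection, order_id: int) -> Optional[tuple]:
    """Vulnerable pattern: the only filter is the client-supplied id, so any
    tenant can read any order by guessing ids (an IDOR)."""
    return db.execute(
        "SELECT id, restaurant_id, total_cents FROM orders WHERE id = ?",
        (order_id,),
    ).fetchone()


def get_order(db: sqlite3.Connection, session: Session, order_id: int) -> Optional[tuple]:
    """Hardened pattern: every query is also scoped by the session's tenant.
    A miss returns None (a 404 at the API) so the response does not reveal
    whether the id exists in another tenant."""
    return db.execute(
        "SELECT id, restaurant_id, total_cents FROM orders "
        "WHERE id = ? AND restaurant_id = ?",
        (order_id, session.restaurant_id),
    ).fetchone()


def export_orders(db: sqlite3.Connection, session: Session) -> list:
    """Exports run through the same scoped query, never a table dump."""
    return db.execute(
        "SELECT id, total_cents FROM orders WHERE restaurant_id = ?",
        (session.restaurant_id,),
    ).fetchall()


def can_subscribe(session: Session, channel: str) -> bool:
    """Realtime channel names are assumed to look like 'restaurant:<id>:<topic>';
    a client may only join channels of its own tenant."""
    parts = channel.split(":")
    if len(parts) != 3 or parts[0] != "restaurant" or not parts[1].isdigit():
        return False
    return int(parts[1]) == session.restaurant_id


if __name__ == "__main__":
    db = make_db()
    a = Session(user_id=1, restaurant_id=100)
    print("unscoped lookup leaks:", get_order_unscoped(db, 2))    # restaurant 200's order
    print("scoped lookup:", get_order(db, a, 2))                  # None
    print("export:", export_orders(db, a))                        # [(1, 2500)]
    print("channel:", can_subscribe(a, "restaurant:200:orders"))  # False
```

Application-level scoping is the first layer; the row-level security (RLS) policies mentioned under baseline standards are the second, so that a query that forgets the tenant filter still returns nothing. The tenant-isolation test suite should exercise every endpoint, export and channel as tenant A against tenant B's identifiers and expect a 404 or a denied subscription each time.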
Payment integrity
Order totals are computed server-side and never trusted from the client; provider webhooks are signature-validated, idempotent, and replay-protected; refunds and payouts are reconciled against internal order totals.
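As an added example (not the platform's code and not any payment provider's SDK), the block below shows the four webhook checks together: signature validation over the raw body, a timestamp window against replay, an event-id store for idempotency, and reconciliation of the provider's amount against the server-side order total. The signature format, header layout, event JSON and order store are assumptions constructed for the example; real providers differ in header name and signing scheme, so the verifier must follow the provider's documentation.

```python
# Added example (not the platform's or any provider's code): webhook
# verification with replay protection, idempotency and reconciliation.
# The signature scheme is an assumption constructed for this example:
#   X-Signature: t=<unix_ts>,v1=<hex hmac_sha256(secret, "<t>." + raw_body)>
# Real providers differ in header name and format; follow their docs.
import hashlib
import hmac
import json
import time
from typing import Dict, Tuple

REPLAY_TOLERANCE_SECONDS = 300  # reject events whose timestamp is stale or in the future


def sign(secret: bytes, timestamp: int, raw_body: bytes) -> str:
    """Signature over the timestamp and the *raw* body (never a re-serialised copy)."""
    return hmac.new(secret, f"{timestamp}.".encode() + raw_body, hashlib.sha256).hexdigest()


def build_event(secret: bytes, event_id: str, order_id: str, amount_cents: int, ts: int) -> Tuple[str, bytes]:
    """Constructs a signed event the way the assumed provider would (test input)."""
    body = json.dumps({"id": event_id, "order_id": order_id, "amount_cents": amount_cents}).encode()
    return f"t={ts},v1={sign(secret, ts, body)}", body


def verify_signature(secret: bytes, header: str, raw_body: bytes, now: int) -> bool:
    try:
        fields = dict(part.split("=", 1) for part in header.split(","))
        ts = int(fields["t"])
        provided = fields["v1"]
    except (KeyError, ValueError):
        return False
    if abs(now - ts) > REPLAY_TOLERANCE_SECONDS:
        return False  # replayed outside the window, even with a valid signature
    return hmac.compare_digest(sign(secret, ts, raw_body), provided)


class WebhookHandler:
    def __init__(self, secret: bytes, orders: Dict[str, dict]):
        self.secret = secret
        self.orders = orders  # order_id -> {"total_cents": int, "status": str}
        # In production this is a table with a UNIQUE(event_id) constraint written
        # in the same transaction as the order update, so a retry cannot double-apply.
        self.seen_event_ids = set()

    def handle(self, header: str, raw_body: bytes, now: int = None) -> str:
        now = int(time.time()) if now is None else now
        if not verify_signature(self.secret, header, raw_body, now):
            return "rejected: bad signature or stale timestamp"
        event = json.loads(raw_body)
        if event["id"] in self.seen_event_ids:
            return "duplicate: already processed"  # idempotent: no second side effect
        self.seen_event_ids.add(event["id"])
        order = self.orders.get(event["order_id"])
        if order is None:
            return "rejected: unknown order"
        # Reconcile against the server-side total: the provider's amount is only
        # accepted if it matches what we computed when the order was created.
        if event["amount_cents"] != order["total_cents"]:
            order["status"] = "needs_review"
            return "flagged: amount mismatch"
        order["status"] = "paid"
        return "ok: order marked paid"


if __name__ == "__main__":
    secret = b"whsec_example"
    orders = {"ord_1": {"total_cents": 2500, "status": "pending"}}
    handler = WebhookHandler(secret, orders)
    header, body = build_event(secret, "evt_1", "ord_1", 2500, int(time.time()))
    print(handler.handle(header, body))  # ok: order marked paid
    print(handler.handle(header, body))  # duplicate: already processed
```

The order of checks matters: the signature is verified on the raw request bytes before any JSON parsing, the event id is recorded before side effects so a concurrent retry hits the duplicate path, and a mismatched amount is flagged for review rather than silently accepted or silently dropped. Signing keys and the event store belong in the production secret management and database, not in code.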
Access control
Each role (owner, manager, cashier, waiter, kitchen, finance, support, and super admin) has an explicit permission set, and every permission is tested per role, including the denials.
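As an added example (not the platform's code), the block below keeps the role permissions in one deny-by-default matrix, scopes every tenant role to its own restaurant, and encodes the role-by-role checks as invariants that a test suite can assert against the matrix. The action names and the grants themselves are assumptions constructed for the example; the real matrix is a product decision, but the shape (one source of truth, tested negatively as well as positively) is the point.

```python
# Added example (not the platform's code): role permission matrix tested by role.
# Actions and grants below are assumptions constructed for the example.
from typing import Dict, List, Optional

ROLES = ("owner", "manager", "cashier", "waiter", "kitchen", "finance", "support", "super_admin")

# Deny by default: an action not listed for a role is denied.
PERMISSIONS: Dict[str, set] = {
    "owner":       {"menu:edit", "orders:view", "orders:refund", "staff:manage", "reports:view", "payouts:view"},
    "manager":     {"menu:edit", "orders:view", "orders:refund", "staff:manage", "reports:view"},
    "cashier":     {"orders:view", "orders:refund"},
    "waiter":      {"orders:view", "orders:create"},
    "kitchen":     {"orders:view", "orders:update_status"},
    "finance":     {"orders:view", "reports:view", "payouts:view"},
    "support":     {"orders:view"},
    "super_admin": {"*"},  # platform staff, not a tenant role; every use should be audit logged
}

ALL_ACTIONS = set().union(*PERMISSIONS.values()) - {"*"}


def is_allowed(role: str, action: str, actor_restaurant_id: Optional[int], target_restaurant_id: int) -> bool:
    """A tenant role may act only inside its own restaurant; super_admin may act
    across tenants. Unknown roles and unlisted actions are denied."""
    grants = PERMISSIONS.get(role)
    if grants is None:
        return False
    if "*" in grants:
        return True
    if actor_restaurant_id != target_restaurant_id:
        return False
    return action in grants


def permission_matrix(actions: List[str]) -> Dict[str, Dict[str, bool]]:
    """Snapshot of who can do what within a single tenant, for review and tests."""
    return {role: {action: is_allowed(role, action, 100, 100) for action in actions} for role in ROLES}


# (description, action, roles that must NOT have it) - the negative tests.
INVARIANTS = [
    ("only owner/manager/cashier may refund", "orders:refund", {"waiter", "kitchen", "finance", "support"}),
    ("kitchen, waiters, cashiers and support never edit the menu", "menu:edit", {"kitchen", "waiter", "cashier", "support"}),
    ("payouts are visible only to owner and finance", "payouts:view", {"manager", "cashier", "waiter", "kitchen", "support"}),
]


def check_invariants() -> List[str]:
    """Returns a list of violations; an empty list means the matrix passes."""
    violations = []
    for description, action, denied_roles in INVARIANTS:
        for role in denied_roles:
            if is_allowed(role, action, 100, 100):
                violations.append(f"{description}: {role} can {action}")
    # No tenant role may act on another restaurant, whatever the action.
    for role in ROLES:
        if role == "super_admin":
            continue
        for action in ALL_ACTIONS:
            if is_allowed(role, action, 100, 200):
                violations.append(f"cross-tenant: {role} can {action}")
    return violations


if __name__ == "__main__":
    print(check_invariants())  # []
    print(permission_matrix(["orders:refund"]))
```

Because the matrix is data, the same checks can run in CI on every change to it, and the API layer should call is_allowed with the target restaurant taken from the resource, not from the request.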
Operational resilience
Backups, restore checks, monitoring, rate limits, Cloudflare protection, deployment rollback, and error handling.
Baseline standards
We align security validation with the OWASP Application Security Verification Standard (ASVS), the OWASP Web Security Testing Guide, the OWASP API Security Top 10, secure webhook handling, row-level security (RLS) policy testing, and production secret management.
Security controls we should commit to
Guest QR links expose only the menu and session actions intended for guests, and the table and session referenced by a link are validated server-side on every request rather than trusted from the URL.
Explicit role permissions for owner, manager, cashier, kitchen, waiter, finance, support, and super admin.
Webhook signature validation, idempotency keys, replay resistance, and reconciliation of provider events against internal order totals.
Signed uploads where needed, image validation by content rather than file extension, size limits, and separation of public and private storage buckets.
Rate limits, monitoring, regular backup restore checks, audit logs, and rollback-ready deployments.
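The guest-access control in the list above is the one that most often goes wrong in practice, so here is an added example (not the platform's code) of a signed table token for a public QR link, validated server-side for signature, expiry and table state before any guest action is allowed. The token format, the guest action list and the table registry are assumptions constructed for the example.

```python
# Added example (not the platform's code): signed table tokens for public QR
# links with server-side table/session validation. The token format is an
# assumption: base64url(payload_json) "." base64url(hmac_sha256(secret, payload_json)).
import base64
import hashlib
import hmac
import json
from typing import Optional

# Actions a guest may invoke; everything else (refunds, menu edits, staff
# screens) is staff-only regardless of what the client requests.
GUEST_ACTIONS = {"menu:view", "order:create", "order:view_own", "bill:request"}

# Constructed table registry standing in for the database:
# (restaurant_id, table_id) -> whether the table is active.
TABLES = {(100, 7): True, (100, 8): False, (200, 7): True}


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_table_token(secret: bytes, restaurant_id: int, table_id: int, ttl_seconds: int, now: int) -> str:
    """Minted when the QR code is generated; binds restaurant, table and an expiry."""
    payload = json.dumps(
        {"r": restaurant_id, "t": table_id, "exp": now + ttl_seconds}, separators=(",", ":")
    ).encode()
    sig = hmac.new(secret, payload, hashlib.sha256).digest()
    return f"{_b64(payload)}.{_b64(sig)}"


def validate_table_token(secret: bytes, token: str, now: int) -> Optional[dict]:
    """Returns the claims only if signature, expiry and table state all check out."""
    try:
        payload_b64, sig_b64 = token.split(".")
        payload, sig = _unb64(payload_b64), _unb64(sig_b64)
    except ValueError:  # wrong shape or bad base64 (binascii.Error is a ValueError)
        return None
    expected = hmac.new(secret, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):
        return None
    claims = json.loads(payload)  # authentic at this point
    if claims.get("exp", 0) < now:
        return None
    if not TABLES.get((claims.get("r"), claims.get("t"))):
        return None  # unknown table, or a table disabled since the QR was printed
    return claims


def authorize_guest(secret: bytes, token: str, action: str, now: int) -> Optional[dict]:
    """Gate for every guest endpoint: returns the validated claims (which the
    handler must use for restaurant and table, never URL parameters) or None."""
    claims = validate_table_token(secret, token, now)
    if claims is None or action not in GUEST_ACTIONS:
        return None
    return claims


if __name__ == "__main__":
    secret = b"qr_signing_secret"
    now = 1_700_000_000
    token = issue_table_token(secret, 100, 7, 86400, now)
    print(authorize_guest(secret, token, "menu:view", now))      # {'r': 100, 't': 7, 'exp': ...}
    print(authorize_guest(secret, token, "orders:refund", now))  # None
```

A QR token identifies a table, not a person, and it is public by design (it is printed on the table), so the server should still mint a short-lived session when a guest first scans, and order:view_own must be scoped to that session, not to the table token alone. Rotating the signing secret invalidates every printed code, which is a deliberate operational trade-off.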