Pinlo handles real GPS coordinates for real addresses. We treat every pin as sensitive data — because it is. Here's how we protect it.
Pinlo runs on hardened cloud infrastructure with encrypted connections at every layer. All traffic between your browser and our servers is encrypted with TLS 1.2+. We enforce HSTS (HTTP Strict Transport Security) to prevent downgrade attacks.
Our API is protected by multiple layers of security middleware — including rate limiting, request size controls, and content security policies — all validated by automated penetration testing on every deployment.
TLS encryption on every connection. HSTS enforced. No plaintext traffic, ever.
Full suite: CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy.
SQL injection, XSS, and path traversal attacks are blocked and tested against 15+ payloads.
Body size limits, rate limiting per IP, and brute-force lockout after 5 failed login attempts.
Pinlo uses separate authentication systems for consumers, businesses, and platform administrators — each with controls appropriate to their access level.
| Layer | Method | Protection |
|---|---|---|
| Consumer accounts | JWT tokens (7-day expiry) | Strong password policy, IP rate limiting |
| Enterprise API | X-API-Key header |
Per-key rate limits, monthly caps, key masking |
| Admin panel | JWT + mandatory TOTP 2FA | Brute-force lockout, session timeout, role-based access |
We encrypt sensitive data at rest and in transit. Phone numbers are AES-256 encrypted before storage. API keys are hashed and never stored in plaintext. GPS coordinates are stored with standard precision and access is strictly controlled.
| Data Type | At Rest | In Transit |
|---|---|---|
| Phone numbers | AES-256 encrypted | TLS 1.2+ |
| GPS coordinates | Standard (access-controlled) | TLS 1.2+ |
| Passwords | Bcrypt hashed (not reversible) | TLS 1.2+ |
| API keys | Hashed (not stored in plaintext) | TLS 1.2+ |
| Access logs | 90-day retention, then purged | TLS 1.2+ |
Every pin owner decides who can see their location. You're always in control.
Anyone with your link can navigate. The link isn't discoverable — you have to share it. Default for everyday deliveries.
Visitors must enter a one-time code sent to your phone before the location is revealed. For sensitive addresses.
Only resolves via authenticated API calls with a valid API key. Cannot be opened in a browser. Enterprise only.
Pause, deactivate, delete, block sources, transfer ownership, or view full access history — anytime.
Pinlo has no public directory. Usernames are not searchable, browsable, or enumerable. You must know someone's exact link to access their pin. On top of that, we have multiple layers of abuse prevention:
| Protection | How It Works |
|---|---|
| Rate limiting | Max 30 pin views per IP per hour. Exceeding triggers lockout. |
| Auto-lock | Pins auto-lock after 100+ views in 1 hour. Owner is notified. |
| Bot detection | Headless browser detection, fingerprinting, suspicious user-agent blocking. |
| Login protection | 5 failed attempts = 15 minute IP lockout across all login endpoints. |
| API abuse | Per-key hourly and monthly rate limits. Bulk access requires proof of customer consent. |
| Rider fraud | GPS proximity required (50m), daily pin limits, dispute tracking, ban on repeated abuse. |
We run a 68-test automated penetration test suite on every deployment, covering security headers, authentication, SQL injection, XSS, access control, CORS, password policy, path traversal, API key security, rate limiting, and business logic abuse.
Our test coverage includes:
If you've discovered a security issue, we want to hear about it. Please email us at [email protected] with details of the vulnerability. We ask that you:
Give us reasonable time to fix the issue before public disclosure. Avoid accessing or modifying other users' data. Don't perform tests that could degrade our service for other users.
We take every report seriously and will respond within 48 hours.