Skip to content

Latest commit

 

History

History
25 lines (15 loc) · 1.22 KB

SECURITY.md

File metadata and controls

25 lines (15 loc) · 1.22 KB

Security

At 2FAS, the security is a top priority. If you encounter a potential security issue please report it following the guidelines below.

Reporting Security Issues

If you believe you've discovered a security vulnerability in Android mobile application, please do not post it publicly on GitHub. Instead, contact our security team directly by emailing security@2fas.com. If possible, please encrypt your message using our PGP key (here)

To help us address the issue quickly, please include the following information:

  • The specific product affected (e.g., iOS app, Android app, Browser Extension, API server, etc.)
  • Type of issue (e.g., unauthorized data access, privilege escalation, etc.)
  • Detailed steps to reproduce the issue
  • Any relevant details about the affected environment (e.g., device model, OS version)
  • Potential impact and any proof-of-concept code, if available

You should expect a response within 72 hours. If you don't receive a confirmation, please follow up to ensure we received your report.

Communication Language

We prefer all communications to be in English.

Policy

2FAS adheres to the principles of Coordinated Vulnerability Disclosure.