Security

Account security built around trust.

OctoNet Mobility is being designed with safer sign-in, account protection, device safety, privacy-first wording, and future app security features like Face ID and Touch ID.

Protection

What OctoNet will protect.

Security should feel simple, clear, and customer-first — not confusing.

🔐

Secure Sign-In

Firebase Authentication is now connected for account creation, secure sign-in, password reset, email verification, and persistent sessions.

👤

Account Protection

OctoNet should support sign-out, session protection, suspicious activity notices, and trusted-device controls over time.

📱

Face ID / Touch ID Ready

The OctoNet app can later support Face ID or Touch ID so customers can unlock account access faster and safer.

🛡️

Device Safety

Support tools can help customers understand IMEI checks, eSIM compatibility, pSIM support, and lost/stolen device steps.

💳

Payment Safety

When payments are added, OctoNet should use secure payment providers instead of storing sensitive card information directly.

🚫

No Location Tracking Claim

OctoNet should be clear: device safety checks are not phone-location tracking. OctoNet does not track customer phone locations.

Security Roadmap

Security upgrades to build next.

Website Security

  1. Use Firebase Auth for real account sign-in.
  2. Add password reset and email verification.
  3. Protect account-only pages.
  4. Add safer session handling and sign-out everywhere.
  5. Add privacy and security notices in plain language.

App Security

  1. Add Face ID / Touch ID with iOS LocalAuthentication.
  2. Add secure session unlock.
  3. Add account sign-out and timeout options.
  4. Add trusted device language.
  5. Add suspicious activity alerts later.
Security features listed here are planned or recommended features. Real customer launch should be reviewed by qualified technical, privacy, legal, and telecom professionals.
Website Protection

Security added to this website.

These protections help reduce common browser risks while OctoNet prepares for real authentication.

HTTPS + HSTS Ready

Helps browsers prefer secure HTTPS connections on supported deployment domains.

Clickjacking Protection

Prevents the site from being embedded inside another website frame.

Content Security Policy

Limits where scripts, images, forms, and website resources can load from.

Privacy Permissions Lockdown

Blocks unused browser permissions like camera, microphone, geolocation, and payment APIs by default.

Security Contact

Adds a public security.txt file so security issues can be reported responsibly.

Safer External Links

External links now use safer browser behavior to reduce tabnabbing risk.