Security

AUMENT token is an ERC20 token on the Ethereum blockchain network. ERC20 is a smart contract standard for tradable tokens on Ethereum. Token's logic (code) is written on Ethereum blockchain and cannot be changed.

The token itself is cryptographically signed to prevent tampering. After the token is validated by the service, it is used to establish security context for the client, so the service can make authorization decisions or audit activity for successive user requests. During the registration process, the confirmation codes are sent to client mobile phone and e-mail address separately.

For additional security, the first portion of the code is sent to the client mobile phone and the second portion of the code to the client’s email address. Once user logs in, each session is time limited and will expire after certain configured time frame unless refreshed. Additionally, AUMENT Admin application used by back-office staff also incorporates single login logic, which prevents user from being logged in with two different browsers.

In case of client applications on mobile devices, additional layers of security are available on-device, including device locking (operating system based, not app based), as well as option for users to define their own PIN, which is requested every time user tries to open the app or execute action that requires additional authorization.