Technicals
Strong passwords are required for all user accounts
Users’ devices are registered to their account; if the device is lost or stolen, they can easily log into a web portal to de-register the device and shut down any active sessions
Codes are one-time use; a new light sequence is generated after each use from more than 2^70 possibilities (over one sextillion)
Global encryption with 256 bits AES-GCM key
Double level of encryption on sensitive attributes using PBKDF2, 10K iterations, SHA512 hashing
Protection against SQL injections, XSS attacks, password brute force
All communications between app and server are via HTTPS
RSA encryption
Application use is protected using the OS’s built-in systems
Application is available on iPhones running iOS 11 or more recent, and Android devices running Android 4.4 KitKat or more recent
Available in French and English