Your Data, Protected
Security is not an afterthought at NSKAI. ZERRA is built from the ground up with enterprise-grade security measures to ensure your data, content, and transactions are always safe.
Encryption Everywhere
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. This includes course content, user data, payment information, and AI conversations.
Secure Authentication
ZERRA uses Clerk for enterprise-grade authentication with support for multi-factor authentication (MFA), passwordless login, Google/social sign-in, and secure session management.
Role-Based Access Control
Strict separation between Learners, Tutors, and Organization Admins is enforced at both the UI and server levels. Even guessing a URL will not bypass our access controls — every server action verifies your identity and role.
Secure Infrastructure
ZERRA runs on serverless infrastructure with automatic scaling and isolation. Our PostgreSQL database (Neon) provides automatic backups, point-in-time recovery, and environment-level separation.
Video Content Protection
Course videos are securely streamed through Mux with adaptive bitrate delivery. Videos cannot be easily downloaded — they are protected by signed playback tokens and DRM safeguards.
Secure File Handling
File uploads (course attachments, images) are handled through UploadThing with server-side validation, type checking, and size limits. No direct file system access is exposed to end users.
Compliance & Best Practices
Data Protection
We follow data protection best practices aligned with GDPR and CCPA requirements. Users can request access to, correction of, or deletion of their personal data at any time.
Payment Security
Payment processing is handled entirely by our PCI DSS-compliant payment provider. ZERRA never stores full credit card numbers or sensitive financial data on our servers.
Incident Response
We have an incident response plan in place. In the unlikely event of a security incident, affected users will be notified promptly and appropriate remediation steps will be taken.
Responsible Disclosure
If you discover a security vulnerability in ZERRA, please report it responsibly to contact@nskai.org. We take all reports seriously and will respond promptly.
Trusted Technology Partners
ZERRA is built on industry-leading services that power some of the world's largest applications.