← Back to Weyland AI

Security

Sovereign Infrastructure

Last updated: March 10, 2026

Infrastructure

• Edge Computing: All requests served from Cloudflare's global edge network (300+ cities). No single point of failure.
• Sovereign AI: Document analysis runs on PhotonicMind, our proprietary inference engine. Your data never leaves our infrastructure.
• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256).
• Database: Cloudflare D1 with automatic replication and point-in-time recovery.
• File Storage: Cloudflare R2 with server-side encryption.

Authentication

• SSO Provider: AuthFor — enterprise-grade authentication with WebAuthn/passkey support.
• Session Management: Cryptographically signed tokens with automatic expiration.
• No Passwords Stored: Authentication delegated to AuthFor. We never handle raw credentials.

Payment Security

• PCI Compliant: Payment processing handled by Stripe via VendyAI. Card data never touches our servers.
• Webhook Verification: All Stripe webhooks verified via HMAC-SHA256 signatures with replay protection.

Data Handling

• Uploaded documents are processed in isolated worker contexts — no shared memory between requests.
• Extraction results stored per-project with tenant isolation.
• Rate limiting enforced per-user to prevent abuse.
• All API requests logged with unique request IDs for audit trails.

Responsible Disclosure

If you discover a security vulnerability, please report it to security@weylandai.com. We will respond within 48 hours and work with you to resolve the issue.

Contact

Weyland AI Systems — a MobCorp venture
Security team: security@weylandai.com