Security

How Invoice Guard HQ keeps invoice review scoped, explainable, and separate from payment control.

No provider passwords. No payment approval control.

The safest review starts with CSV, sandbox data, or restricted provider access.

Current controls

Accounts use hashed passwords, role-based admin access, CSRF protection for normal app forms, PostgreSQL migrations, and production readiness warnings for unsafe launch settings.

Uploaded CSV pre-scan

The CSV pre-scan parses invoice rows in the browser. Invoice rows from that tool are not uploaded to the server; refresh clears the uploaded data from the page. A one-time unlock sends payment confirmation only, not the CSV contents.

Provider credentials

Use sandbox or restricted provider credentials first. Provider credentials can be revoked from the dashboard and are encrypted when the production credential encryption key is configured.

Operational guidance

Production should use HTTPS, PostgreSQL backups, non-local APP_URL, configured PayPal webhooks, and a monitored business email.

Not allowed

Do not submit provider account passwords or unrestricted live API keys for normal duplicate invoice review.

Report a concern

Email support@invoiceguardhq.com.