The Optimize platform is amongst the most secure for data transfer in the market. Alongside the usual transfer of data over HTTPS, it also encrypts the content itself in numerous ways. With all of these combined, one should find Optimize to be a comparatively very secure system, with data, experiences and storage very difficult to read, interpret or compromise.

To ensure that this is as difficult as possible to intefere with, every Optimize account will encrypt data differently, so even the same values won’t be stored using the same values. Pretty good, right? 🙂


At rest

When you send data to Optimize, it’s encrypted at rest, meaning it’s inelligible to those who access it without the correct credentials to decrypt.


In transit

When you inspect communications between your web page and OTS, you’ll notice that data is encrypted.

This includes the request payload (data going out to the Optimize servers):

Encryption in request payload

This also includes response (data coming in to your browser) have encrypted data.

Encryption in response payload

Not only does this make it challenging for hackers or compromised 3rd party services to interpret and distort your communication with our servers, but also makes it challenging for your competitors to understand what you’re up to.


In browser storage

Again, we want to make it difficult for bad-actors to compromise the integrity of our data, so we also encrypt our browser storage. If you inspect the cookies we drop, you’ll notice that none of them are in a human-readable format:

Encryption in browser storage