SYSTEM STATUS, SECURITY & TRUST

Security built for the
moment that matters most.

When someone triggers an SOS, the signal has to move faster than the threat, without ever leaking, dropping, or landing in the wrong hands. This is how AMBA protects it, end to end.

LIVE.SECURITY.LEDGERv1
DATA IN TRANSITTLS 1.3 ENCRYPTED
DATA AT RESTAES-256 ENCRYPTED
ALERT TRANSMISSION~3 SEC AVG
PLATFORM MONITORING24 / 7
ACCESS MODELROLE-BASED, LEAST PRIVILEGE

Built on infrastructure, not assumptions. AMBA is hosted on enterprise-grade cloud infrastructure with encryption applied to every alert, location ping, and incident record, in motion and at rest.

We treat every SOS as a high-criticality event: designed to survive network loss, flag false positives, and still get help moving.

What happens in the three seconds after someone presses SOS.

Every alert moves through the same protected pipeline, from the device in someone's hand to the responder's screen.

1
Trigger on device
A one-press SOS captures location, identity, and (where enabled) audio context directly on the user's device before anything leaves it.
DEVICE-LEVEL
2
Encrypted transit
The alert payload is encrypted in transit using TLS before it touches AMBA's network, no plaintext location or identity data crosses the wire.
TLS 1.3
3
Verification & routing
The alert is matched to the right destination, a Safe Circle, a connected organization's dashboard, or both, using role-based access so only authorized responders see it.
LEAST PRIVILEGE
4
Dispatch to responders
Security teams and Safe Circle contacts are notified simultaneously, with live location and status, so response doesn't wait on a single point of failure.
REAL-TIME
5
Encrypted audit log
Every SOS event and trip is logged for incident review and organizational reporting, encrypted at rest, access-controlled, and retained only as long as it serves safety or compliance.
AES-256 AT REST

Four principles, applied to every byte AMBA touches.

Encryption everywhere

Data is encrypted in transit (TLS) and at rest (AES-256), covering location pings, identity records, incident reports, and dashboard data alike.

Role-based access

Organization admins and responders only see what their role requires. No standing access to raw user data outside an active, authorized incident.

Data minimization

AMBA collects what's needed to deliver help, location, identity, Safe Circle, incident context, and nothing beyond that scope.

Isolation by design

Each connected organization's incident data, responders, and dashboards are logically separated from every other organization on AMBA.

Designed for the network you actually have, not the one you wish you had.

Nigeria's networks aren't always perfect. AMBA's alert logic accounts for that, rather than assuming it away.

~3s
Average alert delivery time
24/7
Platform & alert monitoring
2
Active pilot states, Rivers, Imo

Network-loss handling

If a connection drops mid-alert, AMBA retries delivery and queues critical data so a weak signal doesn't mean a missed SOS.

False-positive awareness

Alerting logic favors deterministic, rule-based triggers over guesswork, and gives users a clear, fast way to cancel a mistaken SOS.

No single point of failure

Alerts route to both an organization's response team and a user's Safe Circle at once, so help doesn't depend on one channel working.

Built to scale without slowing down

Event processing is built for cost-efficient scale, so response time for the 500th user looks the same as for the 5,000th.

Who can see your data, and for how long.

  • Regulatory alignmentNigeria Data Protection Act (NDPA) 2023
  • Data ownershipUser & connected organization
  • RetentionLimited to safety / compliance need
  • Deletion requestsSupported on request
  • Third-party sale of dataNever
  • Cross-org data sharingNot permitted by default
NDPA-ALIGNED ROLE-BASED ACCESS AUDIT-LOGGED

For institutions, banks, universities, government agencies, and estates, AMBA's organization dashboard is built so your security team controls who on your side can see incidents, while AMBA's own access stays limited to what's needed to keep the platform running.

This page reflects AMBA's current security architecture and practices as the platform scales from active pilots toward national deployment. We're glad to walk any institutional partner through it in more depth.

Found a vulnerability? Tell us first.

Report it directly to our team

If you believe you've found a security weakness in AMBA, we want to hear from you before anyone else does. We'll acknowledge your report and work with you to resolve it responsibly.

security@amba.africa

Evaluating AMBA for your organization?

Request our full security documentation, or talk directly with the team building it.