# Security Best Practices

> Learn how Formo protects your data with privacy-first design, encryption, RBAC, MFA, SSO, CSP, and Subresource Integrity security practices.

## Data Privacy

<Card title="Privacy Friendly" icon="eye-slash">
  Built with privacy in mind: no third-party cookies, fingerprinting, or invasive tracking.
</Card>

Our SDK explicitly does **not** collect:

* IP addresses (country is derived from timezone, not IP geolocation)
* Device fingerprints (no Canvas, WebGL, or storage-based fingerprinting)
* Social profiles (no Twitter, Discord, or email collection)
* Third-party cookies

<Tip>
  Learn more about what data we collect in our [Data Collection](/data/what-we-collect) documentation.
</Tip>

## Transparency

<Card title="Open Source" icon="github" href="https://github.com/getformo/sdk">
  Formo SDKs are 100% open source with a fully permissive MIT license.
</Card>

## Compliance

<Card title="SOC 2 (in progress)" icon="shield-check">
  Formo's SOC 2 compliance report will be available on request.
</Card>

## Supply Chain Security

<CardGroup cols={2}>
  <Card title="NPM Trusted Publishing" icon="npm" href="https://formo.so/changelog/trusted-publishing-contracts-api-keys">
    Eliminates security risks from long-lived write tokens, which can be compromised.
  </Card>

  <Card title="Subresource Integrity" icon="lock" href="/security/sri">
    Formo supports SRI, which helps prevent attacks like cross-site scripting (XSS) and NPM hijacking.
  </Card>

  <Card title="Content Security Policy" icon="shield" href="/security/csp">
    Formo supports CSP, which helps prevent attacks like cross-site scripting (XSS) and data injection.
  </Card>

  <Card title="Minimal Dependencies" icon="cube">
    Having fewer runtime dependencies significantly reduces the supply chain attack surface.
  </Card>
</CardGroup>

### SDK Dependencies List

The [@formo/analytics](https://github.com/getformo/sdk) SDK keeps its dependency footprint small to reduce attack surface:

| Package                                                                       | Purpose                                      | Risk Level                                                                                                        |
| :---------------------------------------------------------------------------- | :------------------------------------------- | :---------------------------------------------------------------------------------------------------------------- |
| [ethereum-cryptography](https://github.com/ethereum/js-ethereum-cryptography) | Cryptographic operations (Keccak256, SHA256) | Low - audited pure JS library containing all Ethereum-related cryptographic primitives by the Ethereum Foundation |
| [mipd](https://github.com/wevm/mipd)                                          | EIP-6963 wallet discovery                    | Low - standard EIP-6963 implementation by the [wevm](https://wevm.dev/) team, authors of wagmi                    |
| [fetch-retry](https://github.com/jonbern/fetch-retry)                         | HTTP retry with exponential backoff          | Low - simple utility                                                                                              |

All releases include cryptographic [provenance attestations](https://www.npmjs.com/package/@formo/analytics#provenance) linking each npm package to its GitHub source code.

## Secure Installation Methods

There are two ways to install the Formo SDK, each with different security properties:

| Method                                           | MITM Protection                                                                   | Supply Chain Verification                                                                                                                                 |
| :----------------------------------------------- | :-------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **NPM package** (`npm install @formo/analytics`) | Script is bundled into your own assets - no third-party script loading at runtime | npm integrity checks (SHA-512) + [provenance attestations](https://www.npmjs.com/package/@formo/analytics#provenance) verify the package came from GitHub |
| **CDN script tag**                               | Enable [SRI](/security/sri) + [CSP](/security/csp) for cryptographic verification | SRI hash verifies the script before browser execution                                                                                                     |

<Tip>
  **For security-sensitive deployments**, we recommend the NPM package install. When you install via `npm install @formo/analytics` and bundle the SDK into your own application, there is no third-party script loaded at runtime - eliminating the MITM vector entirely. The code is verified by npm's integrity checks during install and served from your own domain.
</Tip>

For the CDN script tag method, enable [SRI](/security/sri) and [CSP](/security/csp) for equivalent protection. See the [complete secure installation](/security/csp) guide.
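Both rows in the table above rest on the same check: hash the bytes you received and compare against a pinned `<alg>-<base64>` integrity string, the format used by npm lockfile `integrity` fields and by the `integrity` attribute on a script tag. The Node.js sketch below is an added example, not Formo's code; the function names `sriFor` and `verifyIntegrity` and the sample bytes are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Hash algorithms SRI recognises, ranked so the strongest one present wins.
const STRENGTH = { sha256: 1, sha384: 2, sha512: 3 };

// Build an integrity string such as "sha384-<base64 digest>".
function sriFor(bytes, alg = 'sha384') {
  if (!Object.hasOwn(STRENGTH, alg)) throw new Error(`unsupported algorithm: ${alg}`);
  return `${alg}-${crypto.createHash(alg).update(bytes).digest('base64')}`;
}

// Check bytes against whitespace-separated integrity metadata. Only entries
// using the strongest algorithm present are considered, as browsers do.
// Unlike a browser, which ignores metadata it cannot parse, this fails closed.
function verifyIntegrity(bytes, metadata) {
  const entries = metadata.trim().split(/\s+/).map((item) => {
    const m = /^(sha256|sha384|sha512)-([A-Za-z0-9+/]+={0,2})(\?.*)?$/.exec(item);
    return m ? { alg: m[1], digest: m[2] } : null;
  }).filter(Boolean);
  if (entries.length === 0) return false;
  const best = Math.max(...entries.map((e) => STRENGTH[e.alg]));
  return entries.filter((e) => STRENGTH[e.alg] === best).some((e) => {
    const actual = crypto.createHash(e.alg).update(bytes).digest();
    const expected = Buffer.from(e.digest, 'base64');
    return expected.length === actual.length &&
      crypto.timingSafeEqual(actual, expected);
  });
}

// Constructed sample bytes standing in for a downloaded tarball or CDN script.
const sample = Buffer.from('console.log("constructed sample bundle");');
const tampered = Buffer.concat([sample, Buffer.from('/* injected */')]);
const pinned = sriFor(sample, 'sha512'); // the value a lockfile or tag pins

console.log('pinned   :', pinned);
console.log('original :', verifyIntegrity(sample, pinned));
console.log('tampered :', verifyIntegrity(tampered, pinned));
// A matching weaker hash does not rescue a mismatching stronger one.
console.log('downgrade:',
  verifyIntegrity(sample, `${sriFor(sample, 'sha256')} ${sriFor(tampered, 'sha512')}`));
```

The same function can gate a CI step that re-hashes a self-hosted copy of a CDN script against the hash pinned in your HTML.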

## Infrastructure Security

<CardGroup cols={2}>
  <Card title="Encryption in Transit" icon="lock">
    All connections secured with industry-standard TLS 1.2+ encryption.
  </Card>

  <Card title="Encryption at Rest" icon="database">
    All data volumes, including backups, are encrypted at rest with unique AES-256 keys.
  </Card>

  <Card title="Backups" icon="cloud-arrow-up">
    All customer databases are continuously backed up to highly durable storage.
  </Card>

  <Card title="Data Center Security" icon="server">
    Formo runs on AWS, which has the highest levels of security and reliability.
  </Card>

  <Card title="Monitoring" icon="eye" href="https://status.formo.so/">
    24/7 on-call rotations with internal escalations monitor all systems.
  </Card>
</CardGroup>

## Software Security

<CardGroup cols={2}>
  <Card title="Quality Assurance" icon="check-double">
    Automated tests and code reviews run after each code change as part of QA.
  </Card>

  <Card title="Security Reviews" icon="magnifying-glass">
    Engineering reviews check for security best practices to address potential security threats.
  </Card>

  <Card title="Vulnerability Management" icon="bug">
    Formo conducts regular penetration tests in addition to internal security reviews.
  </Card>
</CardGroup>

## Partner Security

<CardGroup cols={2}>
  <Card title="Payments and PCI" icon="credit-card" href="https://security.paddle.com/">
    Formo uses Paddle to process payments and does not store credit card information.
  </Card>

  <Card title="Subprocessors" icon="list-check" href="https://formo.so/dpa">
    Formo keeps the list of data subprocessors updated in the Terms of Service.
  </Card>
</CardGroup>

## Access Control

<CardGroup cols={2}>
  <Card title="Single Sign-On (SSO)" icon="key" href="/security/sso">
    SAML-based SSO allows centralized authentication through your identity provider.
  </Card>

  <Card title="Multi-Factor Authentication" icon="shield-halved" href="/security/mfa">
    MFA adds an additional layer of security to user accounts and workspaces.
  </Card>

  <Card title="Role Based Access Control" icon="users" href="/security/roles">
    RBAC enforces the least privilege principle on users based on specific roles.
  </Card>

  <Card title="Audit Logs" icon="clipboard-list">
    Every action in a workspace produces an audit log record. Owners and Admins can review the workspace audit log.
  </Card>
</CardGroup>

## Others

<Card title="Changelog" icon="clock-rotate-left" href="https://formo.so/changelog">
  Formo publishes a weekly summary of updates and fixes.
</Card>

## FAQ

<AccordionGroup>
  <Accordion title="Does Formo store IP addresses or use device fingerprinting?">
    No. Formo does not store IP addresses, use device fingerprinting, or set third-party cookies. See [what we collect](/data/what-we-collect) for a full breakdown of the data Formo processes.
  </Accordion>

  <Accordion title="Is the Formo SDK open source? Can I audit the code?">
    Yes. The Formo SDK is fully [open source on GitHub](https://github.com/getformo/sdk). You can audit the code, verify what data is collected, and contribute improvements.
  </Accordion>

  <Accordion title="How should I install Formo for maximum security?">
    Use [Subresource Integrity (SRI)](/security/sri) to verify SDK integrity, configure a [Content Security Policy (CSP)](/security/csp) to control allowed domains, and set up a [reverse proxy](/sdks/web#proxy) to route requests through your own domain.
  </Accordion>

  <Accordion title="Does Formo support SSO and role-based access control?">
    Yes. Formo supports [Single Sign-On (SSO)](/security/sso) for centralized authentication through your identity provider, [multi-factor authentication (MFA)](/security/mfa) via TOTP, and [role-based access control](/security/roles) with Owner, Admin, Editor, and Member roles.
  </Accordion>
</AccordionGroup>

## Contact

If you have any questions, [contact us](https://formo.so/support).
