Jinda Logo
JindaBhutan
Security First

Your Data Is Protected

Enterprise-grade security built into every layer. From password encryption to cloud backups — your business data is always safe.

AES-256

Encryption

Military-grade

bcrypt

Password Hashing

12 salt rounds

AES-256-GCM

Auth Tokens

Authenticated

SQLite

Database

Local & secure

Encrypted

Cloud Backup

Drive & MEGA

Complete

Audit Trail

Every action

12 Layers of Protection

Every part of the system is designed with security in mind.

Encrypted Passwords

Every password is hashed with bcrypt (12 rounds) before storage. Even if someone accesses the database, passwords cannot be read.

  • bcrypt with 12 salt rounds
  • Server-side hashing
  • No plain-text passwords

Hardware-Locked License

Each license is bound to one specific computer. The software cannot be copied or moved to another machine without a license reset.

  • Unique device fingerprint
  • Anti-piracy protection
  • Transfer limits tracked

Device Verification (OTP)

When logging in from a new device, a 6-digit code is sent to your email. Only verified devices can access your account.

  • 6-digit OTP code
  • 3 attempt limit
  • 15-minute lockout on failure
  • 5-minute code expiry

Secure Login System

Multi-layer login security with account lockout, rate limiting, and automatic detection of suspicious activity.

  • Account lockout after failed attempts
  • Rate limiting protection
  • Trial enforcement
  • Offline fallback

Encrypted Token Storage

Login tokens are encrypted using AES-256-GCM authentication. Tokens auto-refresh and are securely cleared on logout.

  • AES-256-GCM encryption
  • Auto token refresh
  • Token reuse detection
  • Secure logout

Role-Based Access Control

Two user roles — Admin and Staff. Admins have full access. Staff users can only use POS and basic features.

  • Admin and Staff roles
  • Restricted settings access
  • Authorization checks
  • Activity status tracking

Complete Audit Trail

Every action is logged — logins, sales, edits, deletions. See who did what and when. Export full audit reports.

  • All user actions logged
  • Old and new values tracked
  • CSV export available
  • Category filtering

Database Protection

SQL injection prevention, parameterized queries, foreign key enforcement, and secure directory permissions.

  • Table name whitelisting
  • Parameterized queries
  • Foreign key enforcement
  • Secure delete mode

Encrypted Cloud Backups

Backups are compressed, encrypted with AES-256-CBC, and uploaded to Google Drive or MEGA. Your data is safe even if your computer fails.

  • AES-256-CBC encryption
  • Google Drive & MEGA support
  • 30-day backup rotation
  • Auto-restore validation

Period Locking

Lock financial periods (month/year) to prevent any changes to past transactions. Ensures your books cannot be altered after filing.

  • Lock any month or year
  • Prevents transaction edits
  • Compliance-ready
  • Admin controlled

Encrypted Trial Lock

The 7-day free trial is protected with an encrypted file that cannot be deleted or reset. Prevents trial abuse.

  • AES-256-CBC encrypted trial file
  • Device-specific encryption key
  • Cannot be reset or bypassed

Secure License Verification

The software checks your license with the server every 24 hours. If offline, a 30-day grace period keeps you running.

  • Daily server verification
  • 30-day offline grace period
  • Multi-stage activation flow

How Your Data Is Protected

A complete picture of our security approach.

Step 1

Data Stays on Your Computer

Your sales, inventory, and customer data are stored locally in a secure SQLite database on your machine. We do not collect or store your business transactions on any external server.

Step 2

Passwords Are Never Stored

Every password is converted into a one-way hash using bcrypt with 12 rounds of salt. Even if someone gets access to the database file, they cannot reverse-engineer your password.

Step 3

Login Tokens Are Encrypted

After logging in, your session token is encrypted with AES-256-GCM and stored securely. Tokens auto-refresh before expiry and are completely cleared when you log out.

Step 4

Every Action Is Recorded

The audit trail logs every login, sale, edit, and deletion with timestamps and user details. You can see exactly who changed what and when. Full reports can be exported as CSV.

Step 5

Backups Are Encrypted in the Cloud

If you enable cloud backup, your database is compressed, encrypted with AES-256-CBC, and uploaded to Google Drive or MEGA. Only you hold the decryption key.

Step 6

License Cannot Be Copied or Reset

Your license is bound to your computer's unique hardware ID. The trial period is protected with an encrypted file that cannot be deleted or reset. Any attempt to crack the software results in immediate license termination.

Security You Can Trust

Try Jinda free for 7 days. Your data stays on your computer — always.