Security standards FAQ

Frequently asked questions about our security standards.

Where does the SmartSlice API operate?

The SmartSlice API runs entirely on Amazon Web Services (AWS) in the us-east-1 region.

How is my data sent to the SmartSlice API?

All communication with the SmartSlice API is sent over TLS, which is the industry standard for secure transmission of data over a network.

What user data do you store, and how do you store it?

We store basic user information, such as name, email, encrypted password, etc. within a SQL database that operates on a private VPC in AWS.
For subscribers, we only temporarily store your 3D print model data (3MF file) while a SmartSlice job is running. Upon completion of the job, the model data is completely removed from our servers. The data is temporarily stored in a private AWS S3 bucket.
For trial users, we store and use your 3D print model data (3MF file) for the purposes of identifying and diagnosing common errors.
Basic information about each job, such as the creation time, finish time, and the results are stored in the aforementioned SQL database. The results of the jobs do not contain any information that would reveal sensitive information about the original model. The results are stored so they can be easily retrieved at a later time, if necessary.

How do you store passwords?

Upon registration your password is immediately encrypted before it is stored in a database. This encryption is irreversible. We will never store your plain text password. We cannot recover your password for you. If you forget your password, go to the account management portal and click "Forgot password?" to reset it.

Do you have any compliance certifications?

Not at the moment.

Do you have any penetration test results from external parties?

Click here for an API Security Assessment Summary Report that was prepared by DirectDefense, Inc.