FAQ
Frequently Asked Questions
Find answers to common questions about TrustShield products, trust analysis, enterprise integration, security, privacy, and platform usage.
31 questions found.
General
TrustShield is a Digital Trust Platform that helps individuals and organizations determine whether digital interactions can be trusted before users click, scan, open, or pay. It combines multiple verification signals to produce clear and explainable trust decisions.
TrustShield helps identify potentially risky digital interactions before users act. It is designed to reduce exposure to phishing, malicious destinations, brand impersonation, fraudulent payment requests, and other forms of digital fraud.
TrustShield is designed for individuals, banks, FinTech companies, government organizations, enterprises, e-commerce platforms, application providers, and other organizations that need digital trust verification.
No. TrustShield complements existing security controls by adding a digital trust verification layer. It helps evaluate whether an interaction can be trusted before a user takes action.
Products and Trust Decisions
TrustShield currently provides URL Trust, QR Trust, Message Trust, Email Trust, Payment Trust, Browser Trust, and the Enterprise Trust API.
SAFE means the available evidence supports a trustworthy interaction and no significant risk indicators were identified. Users should still follow normal online safety practices.
CAUTION means TrustShield identified signals that require additional attention. The user should review the evidence, independently verify the destination or sender, and proceed carefully.
DANGEROUS means significant risk indicators were identified. The user should avoid the interaction unless its authenticity can be independently confirmed through a trusted source.
Yes. TrustShield provides trust scores, risk scores, positive signals, negative signals, reasons, recommendations, and practical guidance where applicable.
Trust Engine and AI
TrustShield combines multiple verification signals such as HTTPS and certificate validation, DNS resolution, domain characteristics, redirect behaviour, brand similarity, Unicode and homograph indicators, reputation intelligence, contextual analysis, and risk scoring.
No. TrustShield combines deterministic security validation, multi-signal risk analysis, and AI-assisted intelligence. Verified security signals remain the foundation of the decision, while AI adds contextual understanding and additional confidence where appropriate.
Deterministic checks provide repeatable and verifiable evidence, while AI can help interpret context and complex patterns. Combining both approaches supports clearer, more resilient, and explainable trust decisions.
No security platform can guarantee complete safety. TrustShield evaluates the evidence available at analysis time and provides guidance to support safer decisions. Threats, websites, and external conditions can change after analysis.
Integration and APIs
Yes. TrustShield provides APIs designed for integration with mobile applications, web applications, enterprise platforms, digital journeys, and security workflows.
Yes. TrustShield provides REST APIs with structured request and response models for supported trust products.
Developers can use the TrustShield Developer Documentation, API Quick Start, Enterprise API documentation, and the available OpenAPI resources.
Yes. TrustShield is designed as a shared trust platform that can support multiple client channels through its APIs.
TrustShield includes Keycloak and JWT-based security capabilities for protected APIs. The exact authentication flow depends on the integration and access model.
Security
Yes. Production communication uses HTTPS to protect data while it is transmitted.
TrustShield uses security controls such as HTTPS, authentication for protected APIs, rate limiting, request correlation, structured error handling, and operational monitoring.
Some public-facing product journeys require limited anonymous access. These endpoints are intentionally scoped and protected with controls such as rate limiting. Protected and enterprise APIs use authentication according to their access requirements.
TrustShield maintains operational logs for monitoring, troubleshooting, security analysis, and service reliability. Logging should avoid unnecessary sensitive content.
The production environment uses controls such as monitoring, database backups, log rotation, HTTPS certificate renewal, and deployment procedures designed to support reliable operation.
Privacy and Data Handling
No. TrustShield does not sell user or customer data.
This website forwards submitted analysis content to TrustShield backend analysis endpoints and keeps only in-memory browser session history for recent results. This repository does not include the backend persistence, cache, logging, analytics, report, or audit implementation, so backend retention must be confirmed in the backend repository before making a broader storage claim.
TrustShield may log operational information such as timestamps, correlation identifiers, endpoint details, status codes, execution duration, and technical error information. Sensitive user content should not be logged unless explicitly required and appropriately protected.
Users can review the TrustShield Privacy Policy and Terms of Service through the website.
Enterprise Adoption and Support
Organizations can begin with a product discussion, live demonstration, technical review, and a scoped evaluation or pilot based on the use case.
Organizations can use the Contact Sales, Partnership, or Contact options available on the TrustShield website.
Integration guidance can be provided during enterprise evaluation and onboarding. The exact support model should be agreed for each engagement.
Yes. TrustShield can support digital trust use cases across banking, FinTech, government, enterprise, e-commerce, and other digital platforms.