Store Credential Security

Apgio encrypts your keys in the browser using asymmetric encryption before uploading them to our servers. The keys are re-encrypted on our servers using industry-standard encryption via Google Key Management Service (KMS). We use a double-wrapping approach to further limit vulnerability to various attacks.

The keys are never stored in plain text in our systems, decryption happens on demand just before performing a transaction with the App Store / Play Store API.

Root key access is limited to two people at Apgio - the founders who have everything to lose if customer keys are compromised. We are also audited by third-party security experts to ensure our security practices are up to industry standards.

Last Updated: 18 August 2025