Enterprise-Grade

Security First

Your documents contain sensitive information. SeekerPDF is built from the ground up with security and privacy as core principles, not afterthoughts.

Your documents never touch our servers

All processing happens on-device. AI requests go directly to your LLM provider.

Security Features

Multiple layers of protection for your sensitive documents.

NEW

7-Layer AI Guardrails

Every LLM call passes through input validation, rate limiting, injection detection (17 patterns), PII redaction (12 types), content policy, output validation, and quality checks.

12 Types

PII Auto-Redaction

Automatically detects and redacts emails, SSN, credit cards (Luhn-validated), phone numbers, IP addresses, passports, and 6 more PII types before data reaches the LLM.

AES-256

Keychain Encryption

API keys stored in the iOS Keychain with hardware-backed encryption. HMAC-SHA256 request signing and API key rotation support.

Face ID

Biometric Authentication

Face ID / Touch ID app lock with configurable auto-lock timeout. Failed attempt lockout after 5 tries.

AI Safety

Prompt Injection Detection

17 weighted regex patterns detect instruction overrides, DAN jailbreaks, system prompt extraction, role hijacking, and chat template injection attacks.

Privacy

On-Device / Local AI

Ollama integration for fully local AI processing. Documents never leave your device. Zero-knowledge architecture for all providers.

Network

Certificate Pinning

SSL certificate pinning for all API calls. TLS 1.3 encryption in transit. Request signing with HMAC-SHA256.

Integrity

Runtime Protection

Jailbreak detection, debugger attachment detection, app tamper detection, screenshot protection, and app switcher preview hiding.

Monitoring

Observability & Audit

Real-time guardrails dashboard: injection scores, toxicity trends, PII redaction counts, violation breakdown, and JSON-exportable audit trail.

How Your Data Flows

Your Document

Stays on device

AI Guardrails

7-layer safety check

PII Redaction

Auto-mask sensitive data

Your LLM Provider

Direct connection

Output Check

PII leak + quality

SeekerPDF servers are never in the data path. We can't read your documents even if we wanted to.

Compliance & Certifications

SOC 2 Type II

In Progress

Security, availability, and confidentiality controls

GDPR Compliant

Certified

European data protection regulation

CCPA Compliant

Certified

California Consumer Privacy Act

HIPAA Ready

Available

Healthcare data protection (Enterprise plan)

Security Best Practices

  • All data in transit encrypted with TLS 1.3 with certificate pinning
  • 7-layer AI guardrails middleware intercepts every LLM API call
  • PII auto-redacted from prompts before reaching any LLM provider
  • AI output scanned for PII leaks, system prompt leaks, and hallucination risk
  • Prompt injection detection with 17 weighted patterns and confidence scoring
  • Full audit trail with JSON export: timestamps, verdicts, scores, violations
  • Rate limiting (30/min, 500/hour) prevents abuse and cost overruns
  • On-device AI via Ollama — documents never leave your device
  • No analytics or tracking in documents; privacy manifest included

Security Questions?

For security inquiries, vulnerability reports, or enterprise compliance questions:

security@seekerpdf.com