Security
Trust, proven with defaults and telemetry
send.et aligns technical controls with Ethiopian regulatory realities — so security teams can approve the platform without endless exceptions.
KYB & sender name approval
Organizations verify legal presence before production traffic. Sender names map to reviewed use cases so recipients see consistent, approved labels.
2FA for privileged actions
Administrators can require second factors via SMS or authenticator apps when modifying keys, billing, or compliance settings.
API key security
Keys are shown once, stored hashed, and separated between test and production. Rotation retires old material without downtime windows.
IP / CIDR restrictions
Production keys optionally allow only known egress ranges — ideal for VPC-bound services and regulated environments.
Audit logs
Sensitive configuration changes and approvals emit immutable audit entries for security and compliance reviews.
Webhook signing
Delivery webhooks ship with signatures derived from shared secrets so your workers can authenticate send.et reliably.
Data protection
Exports support redaction for message bodies where policies require minimized retention in downstream systems.
Abuse prevention
Rate limits, anomaly surfacing, and manual review hooks reduce toll fraud and spray patterns across shared routes.
Rate limiting
Burst OTP, campaign launches, and API spikes each get tuned policies with transparent 429 responses.
Need a security questionnaire?
We provide architecture diagrams, data flow summaries, and control mapping for procurement cycles.