Mobile menu
PureScarlet logo
Home   Safety   Tour   Members   Contact   Blog   

Encryption and security

Not all dating sites are the same. Many may have similar features on the outside but developers can be lazy when it comes to security on the inside. Adding security features can double the development time and many developers simply do not appreciate what they need to do to help increase privacy for their members. Here is a taste of some of the areas we have worked on to help produce a high quality experience for our members.

Encrypted URLS

When you move from page to page within the app/site we encrypt the URL just like a bank or financial site. This is done to stop hackers adjusting the values manually. Many other leading brands leave their URLs unprotected. Here is an example:

Pure Scarlet URL:
https://app.purescarlet.com/profile.php?pid=loldwC3sZr​dxg18wXFQk1NWsqN9EfTCV​fJwTQiqDqws=

Other leading sites URL:
http://domainremoved.com/user.php?id=3434

A hacker can change the value of id and move between profiles. Combined with some scripts they can create a database of all public user data or spam every member on the site. At Pure Scarlet a hacker cannot determine what a users ID actually is without determining the password that was used to encrypted the data.

Protected pictures

Pure Scarlet takes the images you upload and makes a new version with an encrypted file name, these new images are stored in a folder that is different to the originals you uploaded. This makes it difficult for a hacker to find the master location of images and download them in bulk. It also ensures that your userid is not included within the file name of the image. Here is an example:

Pure Scarlet file name
3ac9b825f6358c21f2a80b48c35dccaf.jpg

Other leading sites
106766411-xxxx.jpg

In some cases you can find the structure for users pictures or determine their ID which may be used in conjunction with some other weakness to compromise their account.

Encrypted connections

All data from your device to our servers is encrypted to help protect sensitive data as it travels through the internet. Even our home page is encrypted. Look out for a https start of the URL rather than http. The top ten Google search results for “Adult Dating” on mobile, only 1 site is encrypted, all the others are not. We own the only one that is! SSL certificates range from nothing to a few hundred £/$ and take less than a minute to install on a modern server. If you’re a member on a site that is not using https and they cannot be bothered to protect your data should you keep an account with them?
  • #1 not using HTTPS
  • #2 is using HTTPS
  • #3 not using HTTPS
  • #4 not using HTTPS
  • #5 not using HTTPS
  • #6 not using HTTPS
  • #7 not using HTTPS
  • #8 not using HTTPS
  • #9 not using HTTPS
  • #10 not using HTTPS

Encrypted / hashed passwords

Many millions of dating accounts have been hacked over the past 5 years and the vast majority of these have had their passwords stored in plain text. This means that a hacker has your email address and password. As people tend to reuse passwords it’s easy for a hacker to access your Gmail, Facebook, LinkedIn accounts etc. When you enter a password, we hash it (technical term for one way encryption). Once hashed we have no idea what your password is. If we wanted to find out it would take about 1,000 years of continual computing power. Hashing a password today is 1 line of code to encode and 1 line of code to validate. A few more steps need to be done for tools like reset password but any company not hashing passwords is far from professional in today's cyber-security world.

Summary

Hopefully you stuck with all of this technical information and are more aware of what to look out for when it comes to choosing an adult dating site. Not all dating sites are the same. As you can see many sites have no idea when it comes to security and encryption. They are focused on getting members to upgrade with no respect for your data.