Redirects over iframes

Redirects over iframes

Why we use redirects over iframes

Our platform is dedicated to providing a secure and efficient onboarding experience. To maintain a consistent user experience and ensure maximum compatibility across web browsers and our integrated third-party, we have chosen to implement redirects universally.

Redirects are universally supported and are often required by our partners within e.g. ID verification and account information due to their security policies and technical constraints. Redirects also offer enhanced security and privacy, reducing the risk of certain types of web attacks that iframes are more susceptible to. Implementing a single method for onboarding simplifies the integration process, making it more straightforward for our customers.

Security implications of using iframes

While iframes can offer certain benefits they also come with security implications that have led us to opt for redirects. Content displayed in an iframe may not have the same level of control as a redirected page, making it more difficult to ensure the look-and-feel of the experience but also security and integrity of the onboarding process.

If an iframe is improperly secured, it could be vulnerable to XSS (Cross-Site Scripting) attacks, where malicious scripts are injected into the content of the page, potentially leading to unauthorized access to user data. Embedding content using an iframe can sometimes be used to create convincing phishing sites, where users are misled into providing sensitive information.

By choosing redirects over iframes, we aim to mitigate these security risks, ensuring that our users' data remains protected throughout the onboarding process. Our commitment to security and compliance drives our decision-making process, and we continuously monitor and update our practices to align with best security standards and practices.

In conclusion, while iframes provide certain advantages, the security implications they bring, particularly in the context of KYC and KYB onboarding, make redirects a safer and more reliable choice for our service.