शब्दावली

SecureStamp डिजिटल ट्रस्ट शब्दावली

उपयोगकर्ताओं, सपोर्ट और जूनियर डेवलपर्स के लिए उत्पाद, क्रिप्टोग्राफी, ईमेल, प्रोटोकॉल और इंफ्रास्ट्रक्चर शब्दों की व्याख्या।

How to read this glossary

Terms marked as SecureStamp-specific have a product or protocol meaning defined by the foundation. The rest are standards, industry concepts or infrastructure used across .org, .online and .store.

Tip: use page search to jump to acronyms such as DKIM, E2EE, BYOK or Trust Receipt.

SecureStamp Terms

Concepts created or defined by SecureStamp to explain trust, stamps, receipts and verifiable perimeters.

SecureStampSecureStamp-specific: Digital trust platform for verifying senders, domains, identities and communications. It does not replace email or messaging apps; it adds a visible, verifiable layer for deciding whether a communication deserves trust.
StampSecureStamp-specific: A visual and verifiable seal representing SecureStamp evidence. A valid stamp is not just an image: it must be backed by a token, domain or recognized issuer.
No stampSecureStamp-specific: Visual state for a communication without a valid SecureStamp seal. It does not automatically mean fraud; it may mean an unenrolled company, unregistered domain, old email or unsupported provider.
Trust CheckSecureStamp-specific: Trust query about an email, domain, sender or channel. It returns state, score, signals and reasons so the user can decide whether to reply, click or stop.
Trust ScoreSecureStamp-specific: A 0-100 score summarizing technical, reputational, semantic and identity signals. It is a decision aid, not an absolute guarantee.
SecureStamp RegistrySecureStamp-specific: Registry of domains and organizations that completed verification. It shows whether a domain is enrolled, what evidence exists and which channels a brand can declare.
Domain enrollmentSecureStamp-specific: Process where an organization registers a domain and proves control, usually through DNS or equivalent steps. Until enrolled, a domain should not issue valid stamps.
SecureStamp SignalSecureStamp-specific: Product and protocol for channel trust on WhatsApp, Telegram and similar channels. It verifies whether a channel, account, phone, link or domain belongs to a brand-declared perimeter.
Trust ReceiptSecureStamp-specific: Verifiable receipt summarizing what was checked, when, with which evidence and under what boundary. Useful for support, audit and user evidence.
Brand Claim BoundarySecureStamp-specific: Explicit limit of a brand claim. It prevents over-promising: SecureStamp can certify official-perimeter membership, not intent or content truth.
Confidential MailSecureStamp-specific: End-to-end encrypted email between verified identities. Content is encrypted client-side so SecureStamp and mail providers do not read plaintext.
L1-L5SecureStamp-specific: Notarial evidence levels. L1 is basic evidence; L5 combines business identity, origin and integrity verification. The scale does not certify that content is true.

Email, Domains and Authentication

Classic abbreviations used when SecureStamp explains whether a sender or domain is properly authenticated.

DNSStandard: Domain Name System. Publishes records that resolve domains and prove control. SecureStamp uses DNS for domain verification and signals such as SPF or DMARC.
DNS TXTStandard: Text record in DNS. Used for control proofs, SPF policies, DMARC policies and public data that a verifier can read without private access.
SPFStandard: Sender Policy Framework. Lists which servers may send mail for a domain. Useful against technical spoofing, but it validates the envelope sender, not always the visible From.
DKIMStandard: DomainKeys Identified Mail. A cryptographic email signature proving selected parts were not changed and a DNS-published key belongs to the signing domain.
DMARCStandard: Policy connecting SPF/DKIM with the visible From domain. It tells receivers whether authentication failures should be monitored, quarantined or rejected.
DMARC alignmentStandard: Match between the visible domain and the domain authenticated by SPF or DKIM. Critical because attackers can pass one technical control with a different domain.
BIMIStandard: Brand Indicators for Message Identification. Lets some clients show brand logos when DMARC enforcement is configured. It is visual help, not a replacement for a verifiable stamp.
MIMEStandard: Email format for text, HTML, attachments and images. Security tools care because visible content and real HTML can tell different stories.
TyposquattingIndustry: Registering domains that look like a brand by changing letters or adding words. SecureStamp treats it as a semantic risk signal.
Business Email Compromise (BEC)Industry: Targeted business fraud involving transfers, fake invoices or bank-account changes. It may come from fake domains or compromised legitimate accounts.

Cryptography and Security

Terms needed to understand signatures, encryption, keys, verifiable logs and enterprise recovery.

E2EEIndustry: End-to-end encryption. Only sender and recipients should read content; the server transports ciphertext, not plaintext.
ES256Standard: Digital signature algorithm based on ECDSA P-256 and SHA-256. SecureStamp uses it for tokens and evidence where origin and integrity matter.
ECDHStandard: Elliptic Curve Diffie-Hellman. Lets two parties agree on a shared secret without sending that secret directly.
AES-256-GCMStandard: Authenticated symmetric encryption. It protects confidentiality and integrity, detecting tampering as well as keeping content private.
HKDF-SHA256Standard: Key derivation function that turns shared secrets into safe-purpose keys. It helps avoid dangerous key reuse.
PQCIndustry: Post-Quantum Cryptography. Algorithms designed to resist future relevant quantum computers. It means resistant to that attack class, not invulnerable.
ML-KEM-768Standard: Post-quantum key encapsulation mechanism. SecureStamp uses it in hybrid suites when recipients support compatible keys.
M-de-NIndustry: Quorum rule: M approvers out of N are required. For example, 2-of-3 prevents one person from recovering or abusing a critical secret alone.
BYOKIndustry: Bring Your Own Key. The organization supplies its own key or public key material for a cryptographic flow. Requires permissions, audit and rotation design.
Transparency logIndustry: Verifiable log where third parties can prove inclusion and consistency. It reduces the risk of rewriting trust-event history.

Protocols, APIs and Infrastructure

Common language for junior developers and integrators reading APIs, plugins, dashboards or runbooks.

APIIndustry: Application Programming Interface. Stable way for software to talk to software. SecureStamp exposes APIs for trust checks, stamps, Signal, E2EE, billing and administration.
RESTIndustry: API style based on resources, URLs, HTTP methods and JSON. Easy to consume from web, CLI, Postman or SDKs.
WebhookIndustry: Automatic call from one system to another when an event happens. It should be verified with signatures or secrets to prevent fake events.
OAuthStandard: Authorization protocol for granting account access without sharing a password. It supports limited, revocable permissions through scopes.
RBACIndustry: Role-Based Access Control. Permissions based on roles such as owner, admin, member or viewer. Prevents excessive privileges.
MFAIndustry: Multi-Factor Authentication. Requires more than one proof to sign in or approve sensitive actions.
DynamoDBInfra: AWS NoSQL database used by SecureStamp for product data, events and logs. It is designed around access patterns, not like a traditional relational database.
PK / SKInfra: Partition Key and Sort Key in DynamoDB. They define how data is grouped, ordered and queried. Poor design can force expensive scans.
GSIInfra: Global Secondary Index. Additional DynamoDB index for querying by another key. It adds cost but avoids inefficient searches.
CIIndustry: Continuous Integration. Automated pipeline that runs typecheck, tests and validation before trusting a change.