Skip to content

How Tubara Keeps Your Family Safe: Security Explained Simply

Security in Layers (Like a Castle)

Think of Tubara's security like a medieval castle with multiple layers of protection:

  • The Moat: Encrypted connections (HTTPS)
  • The Walls: Secure database with restricted access
  • The Vault: Encrypted storage for sensitive information
  • The Guards: Parental password gates
  • The Keep: Separate, isolated family accounts
  • Each layer protects your family's data in different ways.

1. Your Passwords (The Castle Keys)

What we do:

When you create a password, we immediately scramble it using bcrypt encryption (a very strong, one-way lock). Simple analogy: Imagine putting your password through a meat grinder - it becomes unrecognizable mush. If someone stole our entire database, they'd just see scrambled mush, not your actual password. Even we can't read your password. When you log in, we scramble what you type and check if the mush matches. If it does, you're in!

2. Your Children's Information (The Vault)

What we do:

Your child's name and age are encrypted with AES-256 - military-grade encryption used by governments and banks. Simple analogy: Think of it like putting their information in a locked safe, then burying the safe, then encrypting the map to find it. Three separate locks that all need the right keys. Why this matters: Even if someone hacked our database (extremely unlikely), they'd see gibberish:

Real name: "Emma" → Stored as: "U2FsdGVkX1+Qxv7jQ..." Real age: "7" → Stored as: "U2FsdGVkX1+Mxp9kR..."

Only Tubara's secure system can unlock these - not even our staff can read them without proper authorization.

3. Payment Information (We Don't Touch It)

What we do: We use Stripe - the same payment processor used by Amazon, Shopify, and millions of businesses. Simple analogy: When you pay at a restaurant with a card, the waiter doesn't write down your card number. They just run it through the machine. Same principle - your card details go straight to Stripe, never through our servers. What we know:

✅ "Payment successful"

✅ Your subscription tier (Free/Starter/Unlimited)

What we DON'T know:

❌ Your card number

❌ CVV code

❌ Expiry date

❌ Billing address

This means if someone hacked Tubara tomorrow, they wouldn't get any payment information because we simply don't have it.

4. Family Separation (Locked Apartments)

What we do: Every family account is completely isolated in our database. Simple analogy: Think of an apartment building. Each family has their own apartment with a locked door. You can't see into other apartments, and they can't see into yours. Even the landlord (us) can't open your door without your permission. This means:

  • Joe Blogg's family can't see John Doe's family's data
  • Any number of families can use Tubara, each with complete privacy
  • A security issue in one account doesn't affect others

5. Secure Connections (Armored Cars)

What we do: Every piece of information traveling between your device and Tubara uses HTTPS encryption (the padlock you see in your browser). Simple analogy: Think of regular internet (HTTP) like sending postcards - anyone can read them. HTTPS is like sending letters in locked, armored trucks - only you and the recipient can open them. What's protected:

  • Your login credentials

  • Your children's information

  • Watch history

  • Everything you type or click

Interception is virtually impossible - modern encryption would take millions of years to crack.

6. Parental Gate (The Guardian)

What we do: The Parent Dashboard requires a password every time you access it (expires after 30 minutes). Simple analogy: Imagine your child can watch TV in the living room, but the remote control is locked in a safe in another room. They can enjoy what's on, but they can't change channels or access settings.

Why it matters: Even if your child knows your main password (not recommended!), they still can't:

  • Add or remove channels
  • Change age restrictions
  • View payment information
  • Modify screen time limits
  • Delete their watch history

The Parent Dashboard auto-locks itself after 30 minutes as an extra safety measure.

7. No Social Features (Total Isolation)

What we do: Tubara has zero communication features. Compare to other platforms:

Feature YouTube Kids NetflixKids Tubara
Comments yes (limited) no no
Messaging no no no
Profiles visible to others yes (avatars) no no
Friend lists no no no
Sharing yes no no

Your child cannot:

  • Talk to other children
  • See other families' accounts
  • Share anything publicly
  • Receive messages
  • Be contacted by anyone

It's a completely walled garden - just your family and safe educational videos.

8. Database Security (The Fortress)

What we do: Our database is hosted on Neon (enterprise-grade PostgreSQL hosting) with multiple security layers.

Security features: 🔒 Encrypted storage - Everything encrypted at rest

🚪 Limited access - Only authorized connections allowed

📊 Regular backups - Automatic daily backups in case of data loss

🔐 Connection pooling - Efficient, secure connection management

🛡️ SQL injection prevention - Special protection against hacking attempts

Simple analogy: Your data is stored in a bank vault (Neon), not in a filing cabinet in our office. Professional security guards (Neon's security team) watch it 24/7.

9 Security Monitoring (The Watchtower)

What we do: We use Aikido Security - automated scanning that constantly checks for vulnerabilities. Current status: 100% security score ✅

What this means: Daily scans check for known vulnerabilities Dependency checks ensure all software components are secure Code analysis catches potential security issues before they become problems Alerts notify us immediately if anything suspicious appears

Simple analogy: Like having security cameras and motion sensors throughout the castle, alerting guards to any unusual activity before it becomes a threat.

10. What We Can't Protect Against (Honest Limitations)

We're very secure, but parents need to understand: ❌ We can't protect against weak passwords

  • "password123" is easy to guess - in fact hackers try passwords like this first!
  • Use strong, unique passwords (e.g., "Tubara!Emma2025$Safe")

Or, better still, use a strong password generator and/or a password vault for extra security.

❌ We can't protect against shared logins

  • Don't give your password to older children
  • Don't write it down where kids can find it

❌ We can't protect your personal devices

  • Keep your phone/tablet/desktop PC locked
  • Use up-to-date software
  • Don't let children use your logged-in device unsupervised

❌ We can't stop determined, tech-savvy older kids

If a determined 15-year-old really wants to bypass parental controls, they might find a way. Tubara is designed for 3-11 year olds who won't attempt circumvention.

Security is a partnership - we provide the fortress, you control access to the keys.

11. What Happens If Something Goes Wrong?

Our Promise: If there's a data breach:

  • Immediate response - We secure the breach within hours

  • You're notified - Email within 72 hours (GDPR requirement)

  • Transparency - We explain exactly what happened and what data was affected

  • Regulatory reporting - We report to UK ICO as legally required

  • Investigation - Full analysis to prevent future issues

What's protected even in worst-case:

✅ Passwords (encrypted - useless to hackers)

✅ Child names/ages (encrypted - gibberish without keys)

✅ Payment details (we don't have them - Stripe does)

What could be exposed:

⚠️ Email addresses (visible in database)

⚠️ Channel approval lists (which families approved which channels)

⚠️ Watch history (what videos were watched when)

Good news: We've never had a breach, and our 100% security score means we're constantly monitored for vulnerabilities.

12. Regular Security Updates

What we do:

🔄 Weekly software updates - Keeping all systems current

🔍 Monthly security audits - Professional review of our systems

📝 Quarterly penetration testing - Ethical hackers try to break in (and we fix what they find)

📚 Staff security training - Everyone on our team knows security best practices

We don't wait for problems - we actively hunt for them.

Security Checklist for Parents:

✅ Use a strong, unique password (not used on other sites)

✅ Don't share your password with children

✅ Enable email notifications so you're alerted to account changes

✅ Lock your device when not in use

✅ Review your child's watch history regularly

✅ Check approved channels periodically for any surprises

✅ Keep the parental gate locked (don't stay logged into Parent Dashboard)

✅ Use different passwords for Tubara and your email

In Simple Terms:

Tubara security is like a medieval castle protecting your family's information:

🏰 Multiple walls and gates (layers of encryption)

🔐 A vault for valuable items (encrypted child data)

🚪 Locked doors between families (isolated accounts)

👮 Guards watching 24/7 (automated security monitoring)

🛡️ No bridges to the outside world (no social features)

📜 Honest about the limits (partnerships with parents)

Your family's data is protected by the same technology that banks and governments use.

We take security seriously because your children's safety is our highest priority.

Questions?

Security concerns:

  • security@tubara.world

  • Response time:1 hour for critical issues

  • Remember: No system is 100% unhackable, but Tubara uses industry-leading security practices to protect your family.

  • The best security is a combination of our technology and your vigilance as a parent.