Security
We take a defense-in-depth approach so regulated entities can trust programmable money even when users move value offline.
Controls
- Root/jailbreak checks, anti-tamper, anti-hooking defenses
- Secure Element (SE) usage when available; robust fallback when not
- Cryptographic signatures and rolling counters on value movement
- Policy-driven offline limits and risk thresholds
What we guarantee vs. what we don’t
- We enable rapid attribution for offline double-spend attempts, including collusion scenarios.
- We do not claim perfect offline prevention on compromised devices.
Standards & alignment
- Aligned with RBI expectations for CBDC offline modalities and responsible risk controls.
- Nomesma is middleware, not a bank; features assist regulated entities.