Skip to content

Security & PCI Compliance

Last updated: May 2026

ImageResizer is committed to the security of your data and privacy. This page explains our security practices and how your information is protected.

Payment Security

All donations made through ImageResizer are processed securely via Razorpay, a PCI DSS Level 1 compliant payment processor.

Important: - ImageResizer does not store, process, or have access to your credit card details - Razorpay handles all payment data securely in compliance with PCI DSS standards - Your payment information is encrypted and protected by Razorpay's infrastructure - ImageResizer only receives confirmation that a donation was successful

Image Processing Security

All image processing in ImageResizer happens entirely within your browser using the HTML5 Canvas API.

This means: - Your images are never uploaded to any server - Your files never leave your device - No one can access your images except you - Processing is entirely under your control

Data in Transit

All communication between your browser and ImageResizer servers is encrypted using HTTPS with TLS 1.2 or higher.

Security measures: - HTTPS enforced on all pages via Vercel CDN - HTTP Strict-Transport-Security (HSTS) headers enabled - All assets served over encrypted connections

Security Headers

ImageResizer implements industry-standard security headers to protect against common web vulnerabilities:

  • Content Security Policy (CSP) - Prevents XSS attacks and unauthorized script execution
  • X-Frame-Options - Prevents clickjacking attacks
  • X-Content-Type-Options - Prevents MIME type sniffing

No Server-Side Storage

ImageResizer is a static site with no server-side components that could store your data:

  • No backend server processing your images
  • No database storing your information
  • No files persisted on any servers
  • All computation happens on your device

Vulnerability Reporting

If you discover a security vulnerability in ImageResizer, please report it responsibly to: velanangadisystems@gmail.com

Please include: - Description of the vulnerability - Steps to reproduce - Potential impact

We typically respond within 24 business hours.

External Security

ImageResizer is built with: - Vercel CDN for static hosting (industry-leading security) - Open-source libraries with active security maintenance - OWASP security best practices

For more information about Razorpay's security practices, visit: Razorpay Security

Questions

If you have questions about ImageResizer's security practices: Contact us