Security Architecture

SOC2Snapp is designed from the ground up for enterprise security. Everything runs in your browser — no screenshot data ever touches our servers.

Architecture Overview

SOC2Snapp operates as a fully client-side Chrome extension. There are no server-side components — all capture, redaction, signing, and storage happens in your browser.

┌─────────────────────────────────────────────┐
│       Your Browser (Chrome Extension)       │
│                                             │
│ ┌────────────┐  ┌───────────┐  ┌─────────┐  │
│ │  Capture   │→ │  Redact   │→ │  Sign   │  │
│ │ Screenshot │  │ Hide PII  │  │ Verify  │  │
│ └────────────┘  └───────────┘  └─────────┘  │
│       │                             │       │
│       ▼                             ▼       │
│ ┌────────────┐                 ┌─────────┐  │
│ │  Storage   │                 │ Export  │  │
│ │ Local Only │                 │  Files  │  │
│ └────────────┘                 └─────────┘  │
│                                     │       │
│                                     ▼       │
│                               ┌──────────┐  │
│                               │ Download │  │
│                               │ to Disk  │  │
│                               └──────────┘  │
└─────────────────────────────────────────────┘

Client-Side Processing

Screenshot Capture

Takes a pixel-level snapshot of the tab you're currently viewing. SOC2Snapp does not read, modify, or interact with page content — it only captures what's visible on screen.

PII Redaction

Text recognition runs entirely in your browser to detect sensitive information. Detected PII is blurred locally with configurable strength. No text or image data is sent to any server.

Digital Signatures

Your browser generates unique signing keys that are stored securely on your device. Each capture is digitally signed to prove it hasn't been tampered with. Signature files are exported alongside your screenshots.
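
The sign-and-verify round trip described above, as an added example using the browser's WebCrypto API (not SOC2Snapp's own code). The algorithm (ECDSA P-256 with SHA-256), the function names, and the sample bytes are assumptions; the page does not state the algorithm or the signature file format.

```javascript
// Added example, not SOC2Snapp code. Assumption: ECDSA P-256 with SHA-256;
// the page does not name the algorithm or the signature file format.
const subtle = globalThis.crypto?.subtle ?? require("node:crypto").webcrypto.subtle;
const KEY_ALG = { name: "ECDSA", namedCurve: "P-256" };
const SIG_ALG = { name: "ECDSA", hash: "SHA-256" };

// extractable=false: the private key can sign, but script cannot export it.
// (The public half of a generated pair is always exportable.)
async function createSigningKey() {
  return subtle.generateKey(KEY_ALG, false, ["sign", "verify"]);
}

// Signer side: detached signature plus the public key a verifier needs.
async function signCapture(keyPair, imageBytes) {
  const signature = new Uint8Array(await subtle.sign(SIG_ALG, keyPair.privateKey, imageBytes));
  const publicJwk = await subtle.exportKey("jwk", keyPair.publicKey);
  return { signature, publicJwk };
}

// Verifier side: needs only the image bytes, the signature and the public key.
async function verifyCapture(publicJwk, signature, imageBytes) {
  const key = await subtle.importKey("jwk", publicJwk, KEY_ALG, true, ["verify"]);
  return subtle.verify(SIG_ALG, key, signature, imageBytes);
}

// True if script can export the private key (expected: false).
async function privateKeyExportable(keyPair) {
  try {
    await subtle.exportKey("pkcs8", keyPair.privateKey);
    return true;
  } catch {
    return false;
  }
}

// Runs the round trip on constructed bytes standing in for a screenshot file.
async function demo() {
  const image = new TextEncoder().encode("constructed stand-in for screenshot bytes");
  const keyPair = await createSigningKey();
  const { signature, publicJwk } = await signCapture(keyPair, image);
  const tampered = image.slice();
  tampered[0] ^= 0x01; // flip one bit to simulate a modified file
  return {
    original: await verifyCapture(publicJwk, signature, image),
    tampered: await verifyCapture(publicJwk, signature, tampered),
    exportable: await privateKeyExportable(keyPair),
  };
}
```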

Metadata Embedding

The page URL, timestamp, browser details, and a unique fingerprint are embedded directly into each screenshot file. This creates an auditable evidence trail without relying on external services.

Permissions Explained

| Permission | Why | What we DON'T do |
|---|---|---|
| activeTab | Take a screenshot of the tab you're viewing | Read or modify page content |
| storage | Store settings and audit log | Sync data to external servers |
| unlimitedStorage | Store high-res screenshots locally without space limits | Store data beyond what user captures |
| downloads | Save screenshots and signature files to your computer | Download anything without user action |
| sidePanel | Side panel UI for capture management | Overlay or inject into web pages |
| host_permissions | Take screenshots on any webpage you're auditing | Read page content, inject code, or intercept network activity |

Data Flow Summary

User triggers capture → Browser takes a pixel-level screenshot
Metadata embedded → URL, timestamp, and browser details saved inside the image file
PII detected & reviewed → Text recognition runs locally in your browser
Digitally signed → Unique signing keys created and stored securely on your device
Stored locally → Saved in your browser's local storage
Export → Download screenshots and signature files to your computer

Have security questions? Contact us at sakshambhardwaj.tech@gmail.com or visit our support page.