Security & Trust
Enterprise Architecture designed to protect your store and your customers.
Shadow Carts Technology
We use a proprietary "Shadow Cart" architecture to prevent session hijacking. When an AI agent creates a cart, it is done in a sandboxed environment isolated from your live store sessions.
The hand-off to the user occurs via a secure, one-time signed token that validates the session integrity before converting the shadow cart into a real WooCommerce user session.
AI Data Sovereignty
Your store data belongs to you. UCP-Connect acts strictly as a protocol layer. We do not store your customer's PII (Personally Identifiable Information) on our servers longer than necessary to facilitate the transaction.
We explicitly contract with AI partners to ensure your data is NOT used for model training without your secure opt-in.
Infrastructure Security
Encryption in Transit
All data transmitted between your WooCommerce store, the UCP API, and AI agents is encrypted using TLS 1.3.
API Key Management
We use industry-standard secrets management to protect your API keys. Keys are never exposed to the frontend client.
DDoS Protection
Our infrastructure is protected by global edge networks to mitigate Denial of Service attacks against your agent endpoints.