Security
Keeping your data and payments safe
Payments
All bookings are cash-only β payments are made in person at the venue. We do not process, store, or transmit any card details online.
Authentication
Passwords are hashed with bcrypt. Sessions use signed JWT tokens via NextAuth. OAuth logins (Google) do not expose your password to us.
Data Transmission
All traffic is served over HTTPS with HSTS preloading. HTTP Strict Transport Security is enforced for 2 years.
Report a Vulnerability
If you discover a security issue, please contact us responsibly at fivearena@gmail.com before disclosing publicly.