16.2 Session Integrity
The system support session integrity by terminating token at fixed interval to prevent session hijacking. Additionally, upon logout, session tokens are cleared and removed from the client.
-
Session tokens are uniquely generated and are never reused.
-
Session tokens are generated and secured using cryptographic hashing and encryption algorithms to ensure randomness and security.