Security

Trust, by construction.

Your customers' details and your takings deserve more than a checkbox. DirectDine is built so the secure path is the only path - not an add-on you have to remember to switch on.

Bcrypt-hashed passwords

Passwords are salted and hashed with bcrypt - never stored or logged in plain text. A database leak doesn't become a password leak.

HMAC-signed sessions

Sessions ride in httpOnly, HMAC-signed cookies - invisible to JavaScript and tamper-evident, so a stolen token can't be forged or replayed.

Server-side price verification

Every total is recalculated on the server at checkout. Prices sent from the browser are never trusted, so a tampered request can't buy a £40 meal for £4.
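The check described above, sketched as an added example (not DirectDine's own code): the server prices each line from its own menu in integer pence and ignores any price or total the browser sends. The menu contents, `priceOrder`, `MAX_QTY` and the payload field names are assumptions made for illustration.

```javascript
// Constructed menu: the server's own price list, in integer pence.
// In a real deployment this would be a database lookup (assumption).
const MENU = new Map([
  ["set-meal-for-two", { name: "Set meal for two", pricePence: 4000 }],
  ["garlic-naan", { name: "Garlic naan", pricePence: 350 }],
]);

const MAX_QTY = 50; // hypothetical per-line sanity limit

// Recalculate the order total from server-side prices only.
// Any price or total field in the client payload is ignored.
function priceOrder(clientOrder) {
  if (!clientOrder || !Array.isArray(clientOrder.items) || clientOrder.items.length === 0) {
    throw new Error("order has no items");
  }
  let totalPence = 0;
  const lines = [];
  for (const item of clientOrder.items) {
    const entry = MENU.get(String(item.id));
    if (!entry) throw new Error(`unknown item: ${item.id}`);
    // Reject fractional, negative, zero or oversized quantities.
    if (!Number.isInteger(item.qty) || item.qty < 1 || item.qty > MAX_QTY) {
      throw new Error(`invalid quantity for ${item.id}`);
    }
    const linePence = entry.pricePence * item.qty;
    lines.push({ id: item.id, qty: item.qty, unitPence: entry.pricePence, linePence });
    totalPence += linePence;
  }
  // Flag a mismatch so it can be logged; the server figure still wins.
  const clientTotalMismatch =
    clientOrder.totalPence !== undefined && clientOrder.totalPence !== totalPence;
  return { lines, totalPence, clientTotalMismatch };
}

// Constructed tampered request: the browser claims the £40 meal costs £4.
const tampered = {
  items: [{ id: "set-meal-for-two", qty: 1, pricePence: 400 }],
  totalPence: 400,
};
const priced = priceOrder(tampered);
console.log(priced.totalPence, priced.clientTotalMismatch);
```

The amount charged is always the server's `totalPence`; the mismatch flag exists only so tampering attempts can be logged and reviewed.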

Postgres row-level security

Row-level security in Postgres means one restaurant's data is fenced off from another's at the database itself, not just in application code.

Stripe-grade card handling

Card data is tokenised and handled by the payment provider - it never touches the DirectDine server. Your PCI scope stays as small as possible.

Per-portal auth model

Customers, staff, drivers and admins each authenticate through their own model with their own permissions - a driver can never reach the admin panel.

The foundation

Quietly modern under the hood.

No bold claims needed, just a stack chosen for reliability and real-time speed, the same tools the best product teams reach for.

Next.js 15, Supabase · real-time Postgres, Capacitor · native Android

Kick the tyres in the live demo.

It's the real product: sign in, place an order, and see the per-portal model in action.

DirectDine 8-in-1 Ecosystem