Built for the questions you're paid to ask.
Signals places automated phone calls on behalf of businesses. That responsibility is engineered, not promised. This page describes how events are authenticated, how recipients are protected, how results are delivered, and what the platform refuses to carry.
Event authentication
- Every Signal exposes a single active webhook endpoint, authenticated with an account-generated secret.
- Credentials can be rotated at any time; rotation invalidates the previous secret immediately.
- Failed authentication responses do not disclose whether a credential exists.
- Duplicate protection is enforced on customer-supplied event IDs: replayed or redelivered events do not create duplicate calls.
Recipient protection
- Do-not-call by design. Every account maintains a suppression list. It is checked before dispatch, every time: a suppressed call is never placed and never billed. Recipients can add themselves with a single keypress during any call.
- Calling windows. The platform enforces local calling hours. Customers cannot configure their way around them.
- Frequency guardrails. Platform-level limits prevent repeated calls to the same recipient — including the failure mode where a misconfigured customer trigger loops.
- Caller identity. Calls are placed only from caller IDs owned by the calling business. Recipient numbers are validated before dispatch.
- Scripts never extract. Signals calls convey information about the recipient's own account and offer a next step. Platform policy prohibits requesting OTPs, card details, or account credentials on any call.
Acceptable use
Policy
Signals carries transactional, relationship-based voice only. Every call must be triggered by a real event involving an existing customer of the calling business. The platform does not accept debt collection or payment-recovery traffic, cold outreach, or calls to purchased or third-party lists. Use cases in sensitive categories receive additional review before activation.
Result delivery
- Call outcomes delivered to customer systems are HMAC-signed, so consumers can verify origin and integrity.
- Deliveries are retried with exponential backoff and recorded in a delivery audit log.
- Delivery is idempotent per event, so consumer systems can process safely.
Platform integrity
- Telephony status callbacks are cryptographically signature-verified — using constant-time comparison — before they touch call state; unverifiable callbacks are rejected without disclosure.
- Voice-provider credentials are provisioned server-side and stored as one-way hashes; they are never exposed to browsers or client applications.
- Audio assets are stored server-side and referenced, never re-uploaded through clients.
- Test payloads and test calls are explicitly marked and excluded from production reporting.
Auditability
Every call carries a complete record: the triggering event, dispatch decision (including suppression outcomes), call status transitions, duration, keypad response, and the customer metadata supplied with the originating event. What your regulator, your auditor, or your own postmortem needs is what the system already keeps.
Data protection
Signals processes recipient phone numbers, optional names, and the message parameters supplied by the calling business, for the sole purpose of placing and reporting the requested calls.
PressOne complies with the Nigeria Data Protection Regulation and undergoes the required annual data-protection audit; our most recent audit, for 2025, was passed. Customers remain responsible for their own NDPR compliance, including the lawful basis for the service communications they trigger to their customers.
Ask us the hard questions.
Security reviews and compliance questionnaires are part of our onboarding, not an exception to it.