CoolHanX
Feature

Access control & security

Your invoice data is sensitive. CoolHanX protects the work zone with two-factor sign-in plus IP, country and device restrictions — enforced server-side, not just in the browser.

Why the e-invoice is a security matter

An e-invoicing tool holds turnover figures, customer lists, bank details and the tax archive. A compromised account means a data breach and a fraud risk. Many SMB tools offer only a password here.

CoolHanX separates a work zone (issuing, receiving, exporting — desktop only, strictly protected) from an account zone (profile, plan — reachable on mobile too). The protection policy applies server-side to the work zone — it cannot be circumvented by bypassing the browser.

Zugriffsschutz und ein unveränderbares, gesiegeltes Archiv
Sicherheit: 2FA, IP-/Länder-Regeln und Rollen schützen das unveränderbare ArchivGoBD-ArchivunveränderbarZwei-Faktor (2FA)IP- & Länder-RegelnRollen & RechtePrüfsummen-SiegelZugriffsprotokollBackup & Export
Access control per tenant: IP allowlist, country restriction, device binding — verified server-side.
The protection layers
LayerEffectConfigurable
Two-factor (2FA)TOTP in addition to the passwordper user
IP allowlistAccess only from defined networks/CIDRsper tenant
Country restrictionAccess only from permitted countries (ISO-2)per tenant
Device bindingonly registered, approved devicesper tenant
PC requirement (work zone)sensitive work on the desktop onlydefault

Locking yourself out is ruled out

A security feature that locks you out is dangerous. That is why CoolHanX checks every new policy against the current connection: anyone who saves an IP, country or device rule that would exclude them is met with a rejection instead of a lockout. The account zone (profile, payment) also stays reachable, so there is always a way back in an emergency.

Data holding & GDPR

Operations and data are in Frankfurt am Main, GDPR-compliant, with a data processing agreement (AVV). Invoices are sealed with a checksum in a GoBD-compliant way and retained immutably for the statutory period — deletion before the deadline is blocked by the system.

Frequently asked questions

Does the protection only apply in the browser?

No — the policy is enforced server-side. Bypassing the interface does not help.

Can I lock myself out?

No — a policy that would exclude your current connection is rejected instead of applied.

Is 2FA mandatory?

2FA can be enabled per user and is strongly recommended; for sensitive tenants it can be made a requirement.

Why is the work zone limited to the PC?

Issuing, receiving and exporting are sensitive operations; the restriction reduces the attack surface. Profile and plan stay reachable on mobile.

Where is my data held?

In Frankfurt am Main, GDPR-compliant, AVV included — the archive remains intact until the deadline even after cancellation.

Work zone and account zone — deliberately separated

CoolHanX separates two areas with differing protection needs. The work zone (issuing, receiving, exporting, settings) processes the most sensitive data and is reserved for the desktop — touch devices on foreign networks are a larger attack surface. The account zone (profile, plan, payment) is less critical and stays reachable on mobile too, so there is always a way back in an emergency. This boundary is drawn server-side, not just in the browser.

Protection layer, effect and scope
LayerEffectScope
Two-factor (TOTP)second factor in addition to the passwordper user, recommended
IP allowlistAccess only from defined networks/CIDRsper tenant
Country restrictionAccess only from permitted countries (ISO-2)per tenant
Device bindingonly registered, approved devicesper tenant
PC requirement (work zone)sensitive work on the desktop onlydefault

Why the effective IP matters

For IP and country rules, what matters is which IP address counts as „the user’s“. Behind a reverse proxy that is not the proxy address but the client IP passed through via the X-Forwarded-For header. CoolHanX evaluates this effective IP — the operation is configured so that this header is only set by its own trusted edge, so the policy cannot be circumvented by spoofed headers.

Password policy and sign-in protection

Passwords must meet a minimum length and complexity and are stored only as a hash, never in plain text. Sign-in is additionally throttled against brute force (limited attempts per account and time window). Combined with TOTP 2FA, a single leaked password is therefore not enough on its own to gain access.

Related topics

Allgemeine Produktinformation — keine Rechts- oder Steuerberatung. Verbindliche Auskünfte gibt Ihr Steuerberater bzw. Ihre Rechtsberatung.

Ready? Up and running in two minutes — no credit card.

Create your free company account