Authridge delivers enterprise-grade secure communication infrastructure for SaaS platforms, financial institutions, and regulated businesses across the UK and Europe.
Trusted by regulated enterprises across the UK and Europe
Every component of Authridge's platform is designed for enterprises operating in regulated environments where reliability and accountability are non-negotiable.
High-throughput transactional messaging delivery with full audit trails, bounce management, and real-time reporting dashboards.
Dedicated SMTP relay endpoints with enforced STARTTLS, DANE support, and mutual TLS authentication for enterprise senders.
RESTful API for programmatic message dispatch, suppression list management, webhook callbacks, and delivery analytics retrieval.
Guided onboarding for SPF, DKIM, and DMARC configuration with automated validation checks and ongoing monitoring alerts.
Isolated IP pools with managed warm-up schedules, proactive blacklist monitoring, and separate pools for critical traffic classes.
Granular reporting on delivery, bounce, complaint, and open metrics with exportable audit logs for regulatory compliance.
Authridge is strictly a transactional messaging provider. All accounts undergo manual compliance review and identity verification prior to activation. We enforce opt-in communication requirements across our entire platform with automated abuse detection and immediate suspension policies for policy violations.
All new client accounts are subject to a comprehensive onboarding review including business verification, intended use case assessment, and legal entity confirmation. Accounts suspected of violating our Acceptable Use Policy are suspended immediately and referred to our internal risk and compliance team.
Authridge Ltd was founded in 2021 by a team of infrastructure engineers and compliance specialists with backgrounds in financial services technology. The company was established to address a clear gap in the UK market: the absence of a purpose-built, compliance-first transactional messaging provider built to meet the standards of regulated industries.
We provide the infrastructure backbone for transactional communications that regulated organisations depend upon. Our platform is not a bulk mailing service — it is a precision delivery layer built around identity verification, domain authentication, and continuous compliance monitoring.
Every decision we make as a company prioritises the integrity of the email ecosystem and the trust placed in us by our clients and their end users.
| Company Number | 14287163 |
| VAT Number | GB 412 8834 05 |
| Incorporated | March 2021 |
| Jurisdiction | England & Wales |
| ICO Registration | ZB489714 |
Chief Executive Officer
Former Head of Infrastructure Engineering at a FTSE 250 financial services firm. 18 years' experience in enterprise messaging and identity systems.
Chief Compliance Officer
Data protection and regulatory compliance specialist. Former senior adviser at the Information Commissioner's Office (ICO). LLM, University of Edinburgh.
Chief Technology Officer
Distributed systems engineer with expertise in high-availability messaging infrastructure, TLS implementation, and abuse detection systems.
Authridge Ltd
71–75 Shelton Street
Covent Garden
London WC2H 9JQ
United Kingdom
Authridge's platform is purpose-built for transactional messaging only. Our solutions cover every layer of the email delivery stack, from authentication to reputation management.
Our transactional email infrastructure is designed exclusively for system-generated, opt-in communications: account notifications, password resets, order confirmations, statements, and regulatory disclosures. All sending is subject to strict use case validation during the onboarding process.
Features include: dedicated MX routing, real-time delivery status webhooks, configurable retry logic, suppression list enforcement, and full MIME audit logging. Messages are never queued for bulk or marketing delivery — all traffic passes through transactional routing rules with per-message latency targets.
Our SMTP relay service provides authenticated, encrypted relay endpoints for enterprise senders requiring a robust outbound gateway. Connections are secured with STARTTLS (enforced), with TLSv1.3 preferred and TLSv1.2 as a minimum requirement.
Relay access is restricted to approved IP addresses and authenticated credentials. All sessions are logged, rate-limited per account tier, and monitored for anomalous behaviour by our automated abuse detection systems.
The Authridge RESTful API enables programmatic integration of transactional messaging into applications. Endpoints are available for message dispatch, template management, suppression list operations, domain verification status, and analytics retrieval.
API access is issued following successful account approval. All API keys are scoped to specific sending domains and carry rate limits aligned with account tier. API usage is fully audited and visible within the client dashboard.
Dedicated IP pools are allocated per client on qualifying plans, with structured warm-up programmes managed by our delivery team. We monitor all IPs against major blacklist databases (Spamhaus, Barracuda, Sorbs) in real time and provide immediate notification and remediation support in the event of a listing.
Bounce and complaint feedback loops are configured for all major ISPs. Complaint rates are monitored continuously and accounts approaching threshold limits receive automated notifications before suspension is considered.
Authridge's platform is designed for organisations where the integrity of transactional communications carries legal and reputational weight.
All plans require a completed compliance review and identity verification before activation. Pricing is exclusive of UK VAT.
All pricing excludes UK VAT at the prevailing rate. Overage charges apply at £1.20 per 1,000 messages beyond plan limits. Annual agreements available with 15% discount. All accounts subject to compliance review — activation is not guaranteed.
Welcome to the Authridge technical documentation. This reference covers everything required to integrate with the Authridge platform for compliant transactional email delivery.
Authridge provides a transactional messaging infrastructure layer consisting of three primary integration methods:
smtp.authridge.co.uk on port 587 (STARTTLS required)https://api.authridge.co.uk/v1/
API requests are authenticated using Bearer token authentication. Include your API key in the Authorization header:
Authorization: Bearer auk_live_xxxxxxxxxxxxxxxxxxxxxxxx
POST /v1/messages/send
{
"from": "noreply@yourdomain.co.uk",
"to": "recipient@example.com",
"subject": "Your account statement is ready",
"html": "<p>Your monthly statement is now available.</p>",
"text": "Your monthly statement is now available.",
"tags": ["statement", "finance"],
"tracking": {
"opens": false,
"clicks": false
}
}
| Setting | Value |
|---|---|
| Hostname | smtp.authridge.co.uk |
| Port | 587 |
| Security | STARTTLS (required) |
| Authentication | LOGIN or PLAIN |
| Username | Your API key |
| TLS Minimum | TLSv1.2 |
| TLS Preferred | TLSv1.3 |
Authridge delivers real-time delivery event data to your configured webhook endpoint via HTTPS POST. The following event types are supported:
Webhook payloads are signed using HMAC-SHA256 with your webhook secret. Validate the X-Authridge-Signature header on all incoming requests.
Authridge's platform is built on the principle that security and compliance are foundational properties, not optional add-ons. Every layer of our infrastructure is designed to meet the requirements of regulated industries.
All connections to Authridge infrastructure are encrypted. SMTP relay requires STARTTLS with a minimum of TLSv1.2. API endpoints enforce TLSv1.3. We do not accept unencrypted connections from senders. Certificate validation is enforced for all outbound delivery attempts where the recipient supports DANE or MTA-STS.
All sending domains must have valid SPF, DKIM, and DMARC records configured and verified before a domain is activated for sending. We provide guided setup documentation and automated verification tools. Domains with a DMARC policy below "reject" are flagged for review and may be restricted.
Dedicated IP clients receive isolated IP pools with no shared reputation exposure. Our delivery team monitors all IP addresses against major real-time blacklist databases 24 hours a day. IP warm-up programmes are managed by our team to protect sender reputation from the outset.
Our automated abuse detection systems analyse sending behaviour, complaint rates, bounce patterns, and volume anomalies continuously. Accounts triggering threshold alerts are automatically rate-limited pending manual review. Our internal risk team reviews flagged accounts within one business hour.
Every new account undergoes a structured onboarding review before credentials are issued. This includes business identity verification (KYC), use case assessment, intended recipient relationship review, and legal entity confirmation. Accounts are not activated without explicit approval from our compliance team.
Authridge maintains an internal fraud prevention programme including device fingerprinting, registrant identity cross-referencing, and ongoing behavioural analytics. Accounts with indicators of fraudulent intent are declined at onboarding or suspended immediately if identified post-activation.
| Framework | Applicability | Status | Notes |
|---|---|---|---|
| UK GDPR | All clients | ✓ Active | Data Processing Agreements available for all accounts |
| PECR 2003 | UK senders | ✓ Active | Opt-in enforcement enforced at platform level |
| CAN-SPAM Act | International clients | ✓ Active | Unsubscribe mechanics required for eligible traffic |
| ISO 27001 | Infrastructure | In Certification | Audit completed Q1 2025, certification pending |
| SOC 2 Type II | Enterprise clients | ✓ Active | Report available under NDA to enterprise accounts |
| ICO Registration | UK data processing | ✓ Registered | Registration ZB489714 |
Authridge maintains a zero-tolerance policy for unsolicited bulk email, spam, and any form of messaging to recipients who have not provided explicit prior consent. Use of Authridge infrastructure for unsolicited communications, purchased lists, scrape-sourced contacts, or any form of spam will result in immediate account termination, forfeiture of any pre-paid fees, and referral to the relevant regulatory authority. We actively cooperate with the ICO, Ofcom, and law enforcement agencies in cases of alleged abuse.
All new account applications require a completed enquiry form. Our compliance team reviews each request and will respond within two business days.
Authridge Ltd
71–75 Shelton Street
Covent Garden
London WC2H 9JQ
United Kingdom
Monday – Friday: 09:00 – 18:00 GMT
Compliance team: 09:00 – 17:30 GMT
Emergency support: 24/7 (Enterprise only)
Last updated: 1 January 2026 | Version 3.1
This Privacy Policy explains how Authridge Ltd ("Authridge", "we", "us", "our"), a company registered in England and Wales under company number 14287163, collects, uses, stores, and protects personal data. We are registered with the Information Commissioner's Office (ICO) under registration number ZB489714.
This policy applies to all personal data processed through our website (authridge.co.uk), our client portal, our API services, and our internal business operations.
We collect personal data in the following categories:
We process personal data on the following legal bases under UK GDPR:
We retain account and transaction records for a minimum of six years following the end of the client relationship, in accordance with UK financial record-keeping requirements. Technical logs are retained for 90 days. Identity verification documents are retained for five years following account closure in compliance with applicable KYC obligations.
We engage third-party sub-processors to support our operations. All processors are bound by appropriate data processing agreements. We do not sell or share personal data with third parties for advertising or marketing purposes. Our sub-processor register is available upon request.
Under UK GDPR, you have the right to access, rectify, erase, restrict, or port your personal data, and to object to certain types of processing. To exercise any of these rights, contact us at privacy@authridge.co.uk. We will respond within one calendar month.
Our primary infrastructure is hosted within the United Kingdom and European Economic Area. Where data is transferred outside these regions, we ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the ICO.
For privacy-related enquiries, contact our Data Protection Officer at privacy@authridge.co.uk or write to our registered office.
Last updated: 1 January 2026 | Version 4.0
These Terms of Service ("Terms") govern your access to and use of services provided by Authridge Ltd, a company incorporated in England and Wales (company number 14287163), registered office at 71–75 Shelton Street, Covent Garden, London WC2H 9JQ. By registering for an account or using our services, you agree to be bound by these Terms.
Accounts are available to businesses only. Individual consumer accounts are not offered. You must be a duly authorised representative of your organisation and provide accurate, complete information during the registration and identity verification process. Authridge reserves the right to decline any application at our sole discretion.
Your use of the Authridge platform is governed by our Acceptable Use Policy, incorporated herein by reference. In summary: services may only be used for lawful, opt-in transactional communications. Unsolicited bulk email, spam, and any communication to recipients who have not provided explicit prior consent are strictly and absolutely prohibited.
You are responsible for ensuring that all messages sent via the Authridge platform comply with applicable law, including UK GDPR, PECR, and the CAN-SPAM Act where applicable. You must maintain accurate suppression lists and honour unsubscribe requests within five business days.
Authridge commits to the uptime levels specified in your service agreement. Planned maintenance windows are communicated with a minimum of 48 hours' notice. The service is provided on an "as is" basis subject to the limitations and warranties in your subscription agreement.
Authridge may suspend or terminate any account immediately and without notice where we have reasonable grounds to believe that the account is being used in violation of these Terms, our Acceptable Use Policy, or applicable law. Suspended accounts do not receive refunds for pre-paid periods.
To the maximum extent permitted by law, Authridge's total liability to you in connection with these Terms shall not exceed the fees paid by you to Authridge in the twelve months preceding the event giving rise to the claim.
These Terms are governed by the laws of England and Wales. Any disputes shall be subject to the exclusive jurisdiction of the courts of England and Wales.
Last updated: 1 January 2026 | Version 2.3
Authridge infrastructure may not be used for any form of unsolicited bulk email, spam, or messaging to recipients who have not provided explicit, verifiable prior consent. Violation of this policy will result in immediate account termination.
The Authridge platform is authorised exclusively for the following use cases:
The following activities are strictly prohibited:
All recipients of messages sent via the Authridge platform must have provided explicit prior consent to receive communications from your organisation. Consent must be freely given, specific, informed, and unambiguous. You are responsible for maintaining records of consent and making these available to Authridge upon request.
Accounts must maintain complaint rates below 0.08% and bounce rates below 2.0% at all times. Accounts approaching these thresholds will receive automated alerts. Accounts that persistently exceed these thresholds may be suspended pending investigation.
Authridge monitors all accounts in real time for compliance with this policy. Violations may result in immediate suspension, account termination, and referral to the relevant regulatory authorities including the ICO, Ofcom, or law enforcement. We cooperate fully with legitimate legal requests from regulatory bodies.
If you believe Authridge infrastructure is being misused, please report it to abuse@authridge.co.uk. All abuse reports are reviewed by our compliance team within one business hour during office hours.
Sign in to access your dashboard