Security

Bank Level Protection

Encryption

WalletFi secures all non-public information with 256-bit strong encryption and uses TLS 1.2 or above to communicate with any third-party providers. Non-public private information such as bank credentials or account numbers is not stored in the WalletFi environment.

These sensitive credentials are encrypted and stored within device secure storage or in a secure vault. Encrypted or unencrypted sensitive information is never stored in log

Protection

WalletFi will never sell or freely distribute raw user data. We may work with third party services like Plaid who store and work with user data, but all third party services are minimally SOC-2 compliant institutions that understand and take seriously the sensitive nature of your financial information.

WalletFi is also functioning within security and development industry standards and will undergo third party code reviews, penetration tests and vulnerability scans of the WalletFi environment to maintain our commitment to security.

Architecture

WalletFi services are hosted on Amazon Web Services. AWS provides robust data and physical security provisions that can be viewed in WalletFi’s SOC2 documentation. All servers reside in private networks only accessible through hosts that require 2-factor Authentication, and are regularly patched to minimize the risk of known vulnerabilities.

Database and decryption servers are unable to access or be accessed through the Internet and can only communicate with specific instances in our private network.

Ready to see what WalletFi can do for your institution?


Talk to an Expert