WalletFi secures all non-public information with 256-bit strong encryption and uses TLS 1.2 or above to communicate with any third-party providers. Non-public private information such as bank credentials or account numbers is not stored in the WalletFi environment.
These sensitive credentials are encrypted and stored within device secure storage or in a secure vault. Encrypted or unencrypted sensitive information is never stored in log
WalletFi will never sell or freely distribute raw user
data. We may work with third party services like
Plaid who store and work with user data, but all
third party services are minimally SOC-2 compliant
institutions that understand and take seriously the
sensitive nature of your financial information.
WalletFi is also functioning within security and development industry standards and will undergo third party code reviews, penetration tests and vulnerability scans of the WalletFi environment to maintain our commitment to security.
WalletFi services are hosted on Amazon Web
Services. AWS provides robust data and physical
security provisions that can be viewed in
WalletFi’s SOC2 documentation. All servers
reside in private networks only accessible
through hosts that require 2-factor
Authentication, and are regularly patched to
minimize the risk of known vulnerabilities.
Database and decryption servers are unable to access or be accessed through the Internet and can only communicate with specific instances in our private network.