Security has been fundamental to Pefin from day one. Our security standards are as strong as your bank, and stronger than most financial applications out there today.
Your critical and valuable information is not readable. We use military-grade encryption to scramble your personally and financially identifiable information on our systems.
We partner with MX™ to securely link to your financial institutions. We never store your login credentials, and as such, they are not part of our systems.
Pefin is as secure as your bank
Pefin’s security is as good or better than most banks. Our infrastructure resides in secured facilities managed by Amazon AWS™ and is monitored 24/7 by automatic processes that detect suspicious or unusual activity. We use enterprise level technology from Microsoft™, Amazon Web Services™, and other providers that follow the latest security standards.
Your critical and valuable information is not readable.
We use military-grade encryption (AES 256) on your data. Every piece of personally and financially identifiable information is scrambled — from the email you use to login to the personally identifiable data associated with your linked financial accounts.
We use multi-factor authentication to prevent unauthorized logins.
When you login, we use multi-factor authentication to verify your identity (we send a unique code to your email). Your data is decrypted and shown to you only after your login is verified. This is why is it is important that you keep your login credentials secure.
No, Pefin does not store your financial account logins.
When you input the login information to your financial accounts, we securely pass them onto MX™ — our partner aggregation service. We never store your login credentials, and as such they are not part of our systems at all.
Your personal and financial information are segregated.
Your personally identifiable information and your financial information are kept on two different systems. Both parts of your data are scrambled with different sets of encryption keys. A hacker would have to penetrate both systems, and would need to know all the keys to link your information together.
Even at Pefin, no employee knows all the keys — not even the CEO, CTO, or Database Architect.