Your security and privacy is our top priority. We have implemented bank-grade security in order to protect your personal data. We don't store your banking credentials and can't move money your money.

Banking & Brokerage Accounts

Finary does not store your banking credentials and cannot move your money.
We have a read-only access that allows us to display your data in your account. That's it.

Banking & Brokerage Credentials

Your credentials are securely encrypted and managed by our regulated aggregator partners, Plaid (US, Canada & UK) and Budget Insight (EU)
Plaid is the worlds leading account aggregator. Budget Insight is regulated by the French Central Bank and owned by Credit Mutuel, one of France's largest banks.
The Finary team never has access to your credentials.

Identifiants exchanges Cryptos

Crypto exchanges like Binance or Kraken can safely be connected via API keys that you can generate on your account.
Finary does not have access to your password.
You control these keys and can revoke them in one click.
These API keys are read-only. We can't initiate trades or move money in your accounts.

Data Protection and Privacy

We will never sell your data. Sorry Mark Zuckerberg. Your privacy is of paramount importance for us.
We strictly enforce GDPR regulation. For more information, please read our privacy policy

Security at Finary

Finary is secure by design. We apply bank-grade security in order to protect your privacy as well as your personal data.

Your data is encrypted at-rest and in transit using AES-256 and SHA-256 algorithms. This means that nobody can read your data while it's being transferred between your computer and our servers.
Our infrastructure uses best-in-class design and is optimized for security. Finary is regularly audited by independent security experts.
Our servers are all located in the Netherlands, the heart of the European Union. They are protected 24/7.
Automatic backups allow us to quickly restore your data in case of data loss. These backups are encrypted.
Our servers can only be access via SSH key. Passwords or root access won't be enough to get access.
We use third-party software in order to protect us against Denial-of-Service attacks.
Our domains are protected with DNSSEC.
Was this article helpful?
Thank you!