Security · first principles

Not a feature.
The foundation.

Trakvance is built on the assumption that you should never have to trust us blindly. Here’s exactly how your data is protected — every encryption layer, every permission, every promise.

AES-256 encrypted · Read-only access · US-based servers · SOC 2 partner
security.status
N°01 · Posture
● All systems nominal
Encryption, access, and audit — continuously verified.
100% Encrypted
99.9% Uptime 90d
0 Breaches
N°02 ———

Three pillars of protection.

03 principles

Every layer of Trakvance is built with your security as the top priority. These aren’t bolt-ons — they’re how the product works, by design.

01 / 03

We never see your password.

When you connect your bank, you log in through a regulated SOC 2 Type II financial data provider — the same infrastructure Venmo, Cash App and Robinhood use. Your credentials go to them. We never see, store, or touch your password.

02 / 03

Read-only. Always.

The connection Trakvance has to your bank is read-only by design. We can see transactions. We cannot move money, initiate payments, or change anything about your account. Ever.

03 / 03

Military-grade encryption.

Your access tokens are encrypted with AES-256-GCM — the same standard banks and governments use. The encryption key lives in a separate vault from your data. Even if our servers were compromised, attackers would find only ciphertext.

N°03 ———

The checklist.

08 safeguards
Measured · Not aspirational

Every measure, verified.

We don’t mark our own homework. Each of these is monitored continuously — encryption coverage, token security, infrastructure hardening, audit logs.

Current posture: 98/100
Infrastructure hardening

  • AES-256-GCM encryption on all stored tokens: Active
  • TLS 1.3 encryption for all data in transit: Active
  • Read-only bank access — no money movement: Active
  • Encrypted US-based database servers: Active
  • Bank passwords never stored or transmitted: Active
  • SOC 2 Type II certified data provider: Active
  • Full data deletion on account removal: Active
  • Row-level security on every database table: Active

N°04 ———

How the bank connection works.

05 steps

No magic. When you connect your bank, here’s every hop your credentials and data actually take — and where they never go.

Request path

Your password never touches our servers.

Your bank login happens on a secure, regulated third-party page. Trakvance only ever receives a read-only access token — and that token is encrypted the moment it arrives.

01
User → Secure provider

You log into your bank

On a regulated, SOC 2 Type II provider's page — not on Trakvance's servers. Your password goes directly to them.

02
Provider → Trakvance

A read-only token is issued

The provider hands us a narrow, read-only access token. No password, no write access, no money movement.

03
Trakvance — ingest

Token is encrypted immediately

AES-256-GCM encryption runs before it touches our database. The key lives in a separate vault.

04
Trakvance — runtime

Transactions sync automatically

We receive webhook updates on every new transaction. Stored encrypted on US-based servers with row-level security.

05
You — always

You stay in control

Disconnect anytime from Settings. Connection removed immediately, all associated data deleted within 24 hours.

What happens: Transactions synced · Refunds tracked · Never: passwords stored · Never: money moved · Never: data sold

N°05 ———

Certifications & compliance.

06 standards

Industry-standard protections, verified by independent audits and aligned to the frameworks you expect from financial infrastructure.

  • SOC 2 Type II: Certified data partner
  • AES-256-GCM: At-rest encryption
  • TLS 1.3: In-transit protection
  • US-based: All data stored in US
  • CCPA ready: Privacy rights aligned
  • Read-only: No money-movement scope

N°06 ———

You’re always in control.

02 promises

Connecting your bank isn’t permanent. You decide what data we hold, how long we hold it, and when it’s gone. Our commitments are explicit.


What you can do

  • Disconnect your bank anytime — from Settings → Connected Banks. The link drops immediately.
  • Delete your account and all data instantly — transactions, tokens, AI chat history, everything.
  • Export your full history — CSV, PDF, or JSON, on demand.
  • See exactly what we have — a single page lists every piece of data tied to you.

What we’ll never do

  • Never sell your data to brokers, advertisers, or anyone else. Our revenue comes from you.
  • Never train AI models on your personal transactions. Your data is yours.
  • Never move money on your behalf. Our connection is read-only — we couldn't even if we wanted to.
  • Never share without consent — not with partners, marketers, or third parties.

N°07 ———

Common questions.

06 answers
Your bank password is never stored with us — it only ever existed on the secure third-party connection page. If our servers were compromised, attackers would find encrypted tokens (useless without a separate encryption key) plus transaction history they could not act on. No money movement scope exists on our side.
No. The connection is read-only by design. Trakvance can see transactions but cannot initiate payments, transfers, or any changes to your account — the permission doesn't exist in our system.
Settings → Connected Banks → Disconnect. Your connection is removed immediately and all associated data is deleted within 24 hours. No hoops, no hold-ups.
A regulated, SOC 2 Type II certified financial data company that powers connections for Venmo, Cash App, Robinhood, and over 7,000 other apps. They're the trust layer banks have already approved.
On encrypted, US-based servers. Data is encrypted at rest and in transit. We never store data outside the United States.
Never. Trakvance makes money from subscriptions only — not from selling, sharing, or monetising your financial data in any form.
Found a vulnerability? security@trakvance.com →
N°08 ———— Questions?

Trust is earned
in specifics.

If something on this page wasn’t clear enough, reach out. We’re happy to walk through any layer in more detail.