Security
State-of-the-Art Encryption
All data is transmitted over secure HTTPS using TLS 1.2. This is the same data transmission encryption used by banks and other financial institutions. Data is encrypted at rest using 256-bit AES - for maximum protection.
Advanced Privacy Protection
Members must authorize the connection of banking information through email confirmation, ensuring that data is never shared with Recoup without explicit member consent. Strict system-wide permission controls ensure that data access is restricted to only authorized personnel.
Access Controls
Separate access controls are enforced at each layer of infrastructure. Multi-factor authentication is required for access to Recoup's infrastructure. All application and user access logs are stored centrally and monitored.
Proactive Threat Scanning
Our team is constantly evaluating our security aspects across the organization. Audit trails are logged and reviewed to detect any anomalous behavior as early as possible.
Traffic Controls
The Plaid API, that powers Recoup, only allows client requests using strong TLS protocols and ciphers. Communication between Plaid infrastructure and financial institutions is transmitted over encrypted tunnels. All client communication with Plaid's API utilizes cryptographically hashed headers and timestamps to verify authenticity.
Secure, Reliable Data Centers
Your data is stored in a secure, offsite cloud infrastructure. This data center is monitored 24/7 and access is strictly controlled to authorized individuals only. Data backups are held in multiple secure locations to ensure redundancy and availability.