Security at Finance Tracker
Your financial data deserves the highest level of protection. Learn how we safeguard your information with industry-leading security measures.
Security Features
Data Encryption
- AES-256-GCM encryption for all sensitive data at rest
- TLS 1.3 for all data in transit
- Encrypted API keys with secure key management
- End-to-end encryption for sensitive financial data
Authentication & Access
- Secure password hashing with bcrypt
- Session management with secure, httpOnly cookies
- Two-factor authentication (2FA) support
- Automatic session timeout for inactive users
Infrastructure Security
- SOC 2 compliant cloud infrastructure
- DDoS protection and rate limiting
- Web Application Firewall (WAF)
- Regular security patches and updates
Our Security Practices
Regular Security Audits
We conduct comprehensive security audits quarterly, including penetration testing by independent security firms, code reviews and static analysis, vulnerability scanning and assessment, and security training for all team members.
Incident Response
We maintain a 24/7 incident response team with real-time monitoring and alerting systems, defined escalation procedures, regular incident response drills, and transparent communication policies.
Data Retention & Deletion
We follow strict data retention policies: financial data is retained only as long as necessary, expired data is deleted automatically, data is wiped using secure procedures, and audit logs are maintained for compliance.
Security Tips for Users
Protect Your Account
Follow these recommendations to keep your account secure:
- Use a strong, unique password for your Finance Tracker account
- Never share your login credentials with anyone
- Be cautious of phishing emails claiming to be from Finance Tracker
- Always verify you're on the official financetracker.au domain
- Log out when using shared or public computers
- Keep your browser and operating system updated