Your security is our top priority.
InvestorKeep understands the challenges of cybersecurity as well as the responsibility to keep our customers information safe
We Never Access or Store Bank Login Information
InvestorKeep utilizes Yodlee, a financial technology industry leader, to facilitate securely linking your financial accounts to the InvestorKeep Platform. With over a decade of experience securely connecting with financial institutions (i.e. Morgan Stanley, Bank of America, J.P. Morgan Chase Bank, US Bank, etc.) Yodlee provides an added layer of safety between your data and anyone who would want to access your financial account information. Your bank and brokerage credentials are only stored at Yodlee, not with InvestorKeep.
Yodlee's security controls are bank grade and regularly assessed by regulators, industry standard bodies, and financial institution clients.
2-Step Verification on All Accounts
Your account will benefit from Two Factor Authentication as a second layer of security beyond your password to access your InvestorKeep account. In addition to your unique login name and password, you must first authenticate each device that accesses your account. Before you can access your account on any new device, you'll receive an automated SMS asking to confirm your identity with a unique one time passcode.
All Data is Encrypted Following Highest Industry Standards
Advanced Encryption of Data
Our compute infrastructure requires the use of the most secure TLS v1.2 protocol, older TLS and SSL insecure versions are not allowed. Customer data is protected in our storage services which support the highest security standards and compliance certifications including SEC Rule 17a4, PCIDSS, HIPAA/HITECH, FedRAMP, EU GDPR, and FISMA. Our data services use one of the strongest block ciphers available, 256bit Advanced Encryption Standard (AES256).
All Information is Protected at Rest and In Transit
We maintain strict internal access controls which ensure no individual at InvestorKeep has access to your bank credentials. All data is encrypted using RSA with a 2048 bit encryption with salting the most critical customer data.
Our Systems are Routinely Tested by Third-Party Auditing Firms
In addition to robust internal security auditing controls, we perform regular third-party security audits to test and verify the integrity of our systems and storage infrastructure. In the event that your InvestorKeep account is ever compromised, our platform and application services are designed to ensure that you are still safe.
InvestorKeep works with third-party auditing firms to ensure that our internal controls meet the high standards of the SOC 2 audit framework so that our customers and partners can rest assured that security is among our highest priorities