If you’re like most Americans, you’ve worked hard to build a nest egg and look forward to being able to retire comfortably. We wouldn’t trust our savings to just anyone—and we don’t expect you to, either. In this age of advanced cyberattacks, fraud, and scams, we owe it to you to explain what we do to keep your financial information and data safe when you register for a Personal Capital account.
Personal Capital secures all data with AES-256 encryption, the same rigorous standards used by the U.S. military. Logging into your account requires multi-factor and biometric identification. Behind the scenes, Personal Capital’s fiduciary standard demands strict internal controls of client data. Personal Capital also operates a crowdsourced security bounty program, so dozens of people — both internally and externally — are working to ensure that Personal Capital is safe.
Following is more information about our security measures.
Safe and Secure Technology
Our security team’s primary job is safeguarding and securing your financial data. We use multiple layers of security in every component of our systems to protect your accounts, your money, and your personal information.
Strong Authentication with Multi-Factor and Biometrics
Before you can access your Personal Capital dashboard, you must first authenticate each device that you’ll use to log in to your account. We perform multi-factor authentication by sending you a single-use code via phone call, SMS, or email so that you can confirm your identity. Our mobile platforms utilize the latest biometric authentication with fingerprints or FaceID to ensure that only you can access your information.
If your device is ever lost or stolen, you can remove it from your trusted devices list immediately, thereby locking it out. And of course, you should always follow these cybersecurity best practices.
Keeping your Data Secure
At Personal Capital, we know that top-notch security is only possible with world-class encryption. That’s why we secure your data with AES-256 encryption. As mentioned, this encryption is also used by the U.S. military as set by the National Institute of Standards & Technology. To ensure that all of our encryption is sound, we use state-of-the-art multi-layer key management and rotation architectures. We also encrypt all in-transit data using the latest TLS 1.2 technology to prevent snooping.
A Focus on Privacy
At Personal Capital, our goal is to serve as a fiduciary advisor for your wealth management needs. Because of this, you can trust that we will never sell your data to others. And when we share your data with third-parties that help us deliver our services, we make sure they don’t sell your data, either.
Constant Security Testing and Improvement
When it comes to security, we know that we can’t rest on our laurels. Every day, cybercriminals come up with new ways to breach companies. That’s why we’re constantly testing and improving our security protocols. We also operate a crowdsourced security bounty program, a cutting-edge initiative where we reward ethical hackers for submitting their security findings. That means that we have dozens of people reviewing our security on a regular basis, both internally and externally. We’re in good company: the U.S. Pentagon recently deployed a similar program.
Fraud Detection for Fraud Protection
We don’t think of security as a one-time protocol; it’s important to monitor your accounts at all times. Once you’ve linked your accounts to Personal Capital, you can view transactions across all of your accounts right from our Transactions page. And you can even opt in to receive our Daily Transaction Monitor email for a list of new transactions every day to help you spot suspicious transactions early.
We’re Not Alone—and Neither Are You
We partner with some of the world’s best security firms to offer you first-class protection for your data. Fintech veteran Yodlee helps us add another layer of security between your information and any bad actors trying to access it. Your bank and brokerage credentials are only stored at Yodlee, not in Personal Capital’s database.
Your Financial Information Is Safe With Us
Even if someone gained access to your Personal Capital account, our application is designed to protect your personal data. That is why we never send the login credentials for your linked accounts to your browser. They are stored at Yodlee and are only ever sent directly to your financial institution.
Still Have Questions? Talk to a Financial Advisor
In addition to answering any of your security questions, our financial advisors will also provide a holistic perspective on your retirement plan. You both have access to the same tools, such as the Retirement Planner. This way you can have an informed conversation, and get the honest, transparent advice you need to help you reach your retirement goals.