Icon Close check-mark black-lock

Keeping Your
Account Safe

At Personal Capital, we keep your best interests in mind. This includes never, ever selling your data. And when we share your data with third parties to help us deliver our services, we make sure they don’t sell your data either. After all, nobody wants their contact information sold to telemarketers.

We all know that when it comes to security you can’t rest on your laurels. Every day, criminals come up with new ways to breach companies. That’s why at Personal Capital we believe in constant security testing and improvements. Our security team always scans and tests our systems for security issues, and we utilize a layered defense-in-depth approach.

Protecting Your Data

All sensitive information is protected at rest and in transit.

Data is encrypted with AES-256 with multilayer key management, including rotating user-specific keys and salts.

Strict internal access controls no individual at Personal Capital has access to your credentials.

Strong
Encryption

Our website’s encryption is rated A+ by the world-renowned Qualys SSL Labs, a stronger rating than most major banks or brokerages. We stay on top of security vulnerabilities and keep up-to-date with best practices, including the following:

  • Our servers require clients use the most secure TLS v1.2 protocol; older TLS and SSL insecure versions are not allowed.
  • We utilize a highly trusted Extended Validation certificate, Certificate Transparency, OCSP stapling and HTTP Strict Transport Security (HSTS) technology.
  • We also use ECDHE key exchange to allow for Perfect Forward Secrecy (PFS) of your communications with us.

Fraud Detection
Using Personal
Capital

  • After linking your accounts to Personal Capital, you can use our Transactions page to look at all transactions across all accounts.
  • Our opt-in Daily Transaction Monitor email sends a daily list of new transactions, making it easy and fast to check for suspicious activity in your accounts.

Robust
Authentication

Maintain your security. Protecting your username and password are just the start.

  • You must first authenticate each device that accesses your account. Before you can access your account on any new device, you’ll receive an automated phone call, email, or SMS asking to confirm your identity.
  • Add extra mobile protection on iPhone with Touch ID authentication, and mobile-only PINs on iOS and Android.

Partnering With The Industry Leader To Keep Your Credentials Safe

Benefit from our partnership with Yodlee, a financial technology industry veteran, to facilitate aggregation of your accounts. With over a decade of experience connecting with financial institutions, Yodlee provides an added layer of safety between your data and anyone who would want to access your account information. Your bank and brokerage credentials are only stored at Yodlee, not in Personal Capital’s database.

Your credentials are safer in Yodlee’s data center than they are in your browser!

In Partnership With
Envestnet Yodlee

Don’t Just Take
Our Word For It

Be confident; we perform regular 3rd party security audits to test and verify the integrity of our systems.

  • We also use Verisign and other state-of-the-art security solutions and practices to protect our site.
  • We operate a year-round private bug bounty program with leading partner Bugcrowd. Security researchers are always looking for ways to improve our security.
  • Ready to go bug hunting?
    Learn more about our bug bounty program.
  • Get Started 

Internet Security
Pioneers

Rest assured, when it comes to online security, there’s not much we haven’t seen. The entire staff at Personal Capital understands the challenges of Internet security—as well as the crucial importance of keeping you safe. Personal Capital’s founder, Bill Harris, previously co-founded PassMark Security, the company that designed the online authentication system that is now used by most of the major banks in this country.

No One Can
Touch Your Money

In the event that your Personal Capital account is ever compromised, our application design ensures that you are still safe.

We never send your credentials to your browser. After linking your accounts, your credentials are stored at Yodlee and are only ever sent directly to your financial institution.

To report a security vulnerability or issue, please contact us.

Disclosure statement and acknowledgment: The statement is provided to you by ("Author") who has entered into a referral agreement with Personal Capital Corporation ("PCC"), through which Author will be paid between $70 and $150 for each person who uses this webpage to register with Personal Capital and links at least $100,000 in investable assets to Personal Capital's free Financial Dashboard (“Dashboard”). Author may also be eligible to participate in an additional bonus compensation program through which the Author will be paid additional compensation based on achievement of certain goal metrics related to the number of people who link investable assets to the Dashboard during a given time period. Eligible participants in the bonus compensation program and the goal metrics are established by PCC at its sole discretion. Author is not affiliated with PCC and Author's services consist solely of referrals of prospective clients. As a result of this arrangement Author may financially benefit from referring potential clients to Personal Capital and has an incentive to present content favorable to PCC or Personal Capital Advisors Corporation (“PCAC”). No fees or other amounts will be charged to investors by Author or Personal Capital as a result of the Referral Arrangement. Investors that are referred to PCC and subsequently subscribe for investment advisory services provided by PCC’s affiliated adviser, PCAC will not pay increased management fees or other similar compensation to Author, PCC, or PCAC as a result of this arrangement. Additional information about PCAC is contained in Form ADV Part 2A.