Protection behind the scenes.
We use strong browser encryption, store all of our data on servers in a secure facility, and implement systematic processes and procedures for securing and storing data.
Safeguards to protect against unauthorized activity.
We are committed to protecting your account from fraud. If you see any unauthorized activity in your account, report it immediately. We'll work to recover any loss that results from unauthorized use of your Betterment account.1
Respect for your personal data and information.
Advanced Login Protection
Additional features to help ensure your security.
Two-Factor Authentication provides a second layer of security beyond your password to access your Betterment account. App Passwords allow you to use third-party personal finance applications, while minimizing the risk of potentially unwarranted access to your Betterment account.
To keep you and your data safe we have also implemented a number of security procedures, including:
- Strongest available browser encryption. Connections between you and our servers are secured to industry standard specifications.
- Secure servers. All your account information is encrypted and stored behind secure monitored firewalls in a secure facility that is safeguarded 24-hours-a-day.
- Systematic procedures. We maintain continuous encryption, auditing, logging, backups, and safe-guarding of data.
- Hacker checks. We run frequent internal and external security audits of our software and systems.
Additionally, we have built in a number of safeguards into our software, including:
- Two-factor authentication (2FA). Betterment can help protect your account from theft by providing an extra layer of protection every time you log in on a new device, or you haven’t used 2FA on your device for two years. With 2FA, you’ll be asked to enter a unique verification code from either a mobile authenticator app or from a text code or voice code that Betterment sends to you.
- App passwords. You can allow personal finance applications, such as Mint or TurboTax, view-only access to your financial information without allowing them to make any changes to your account.
- Automatic logout. If you are inactive for an extended period of time we automatically log you out so unauthorized people cannot access your account.
- Contact information confirmation. We send you email notification upon changes to your contact information to both your previous and updated addresses.
- Personalized email. Emails coming from Betterment will generally address you by name, so you can be confident we know who you are and the email is coming from us.
- Background checks. Everyone on our staff must pass a criminal background check.
- Account Ownership Verification. We verify that you have proper access to any external checking account that we electronically link to. This helps prevent people from opening a Betterment account in your name and moving money out of your external account.
- Identity verification. We run thorough identity verification checks on new customers to determine if the identity information provided is accurate and not suspicious or on any government watch lists.
- Third party verification. We have a security seal and certificate from Digicert who has also verified our identity.
Keeping your computer safe
- Make sure you are running the latest versions of your operating system and browser software, and that all security updates are installed.
- Maintain updated anti-virus, anti-spyware, and firewall software.
- Do not allow your browser to automatically log in for you.
- Choose a unique password that is hard to guess and that you don’t use elsewhere, and change it periodically.
- For more information visit the Federal Trade Commission’s “OnGuard Online” computer security site.
Keeping your information safe
- Never share your login or password with anyone.
- Never provide personal information when requested through an email or a link unless you can be certain of the site’s authenticity.
- Never input personal information into a form in a popup window or email message.
- Never open an email if you do not recognize the sender, especially if in it contains an attachment.
- Always remember to log out of Betterment when you are done.
- Be careful if you are using a public computers that do not belong to you, such as at a cafe or in a library.
Protecting yourself from phishing attacks
Phishing is an illegal practice where someone tries to get you to provide your personal or financial information by making you think it is being requested from a legitimate party.
The most popular form of phishing is an email that appears to originate from a financial institution asking you to validate or update your account information, usually through a link in the email that directs you to a fake website that looks legitimate.
Be vigilant about phishing attacks by watching out for:
- An unsolicited email containing an attachment that appears to be coming from a legitimate company
- An urgent sounding email claiming you must act immediately and supply the requested information
- Popup windows asking you for personal information
Reporting a phishing attack
If you receive an email from Betterment that you believe may be fraudulent, please send the email to our Fraud Prevention Team: email@example.com.
Minimizing damage from identity theft
If your personal or financial information is accidentally disclosed or deliberately stolen we recommend the following steps:
- Report the fraud to Betterment’s Fraud Prevention Team: firstname.lastname@example.org
- Place a “fraud alert” at all three major credit bureaus, and request copies of your credit reports. Note that credit bureaus are required to provide free copies of your credit report if you are a victim of identity theft:
- Close any accounts that have been tampered with or new accounts that were established fraudulently
- File a police report with local law enforcement officials, which may help with clearing up your credit
- Report your theft to the Federal Trade Commission online or by phone at 877-ID-THEFT (877-438-4338)