How To Keep Your Financial Data Safe
Cybersecurity threats are now the norm. Here's how we work with customers to protect their financial data.
When it comes to protecting your financial information, the biggest threats are the most obvious: spam calls, phishing emails, and questionable messages. Scammers are constantly developing new, more devious ways to steal your personal information.
With software, they guess millions of passwords per second. They scrape your social media accounts for personal information to manipulate you or your friends. But most of all, they’re counting on you to let your guard down.
Here are four ways we can work together to protect your financial data.
Caution is your first line of defense
If a phone call, email, or message seems fishy, it probably is. Would your bank really ask for your account number over the phone? What comes up when you Google the number? The IRS says they don’t email or text message people, and they’ll never ask for your personal information—so is that really them in your inbox? Why does that link have random characters instead of a URL you recognize? Is that the correct spelling of that company’s name?
Don’t ever share personal information unless you’re sure who you’re sharing it with. And make sure that other people don’t have access to your passwords or login information, and you’re not reusing passwords on multiple sites. Two-factor authentication helps secure your account using a passcode that rotates over time, or one that you receive via text or a phone call.
Encryption is essential
Any time you access a website or use an app, your device communicates with a server. With the right expertise, someone could hijack these communications and steal your information. Encryption prevents this. Encryption takes these sensitive communications and jumbles them up. The only way to un-jumble them? A key that only your device and the server share.
It works like this:
When you access Betterment, your connection is encrypted. But if you’re ever visiting a third-party site and don’t see the padlock in the browser bar, your connection is not secure. Don’t share any information on those sites!
Hashing hides your information—even from us!
We don’t need to know your password. That’s a secret only you should know. So, we use a technique called “hashing” to let you use it without telling us what it is.
Like encryption, hashing uses an algorithm to turn information (like your password) into an unreadable sequence. But unlike encryption, hashing is irreversible. There’s no key to decipher it. We can’t translate the hashing to read your password. However, every time you enter your password, the hashing algorithm produces the same sequence. So we don’t know your password; we just know if it was entered correctly.
App-specific passwords let you securely sync accounts
Odds are, between all your investments, savings, payment cards, budgeting apps, and financial assets, you use more than one financial institution. That’s OK. But if you’re trying to get a more complete picture of your financial portfolio and see what you have to work with, it helps to have a single, central account that can see the others.
Today’s technology makes it easier than ever to sync external accounts. But if you’re not careful, connecting them can make your financial data more vulnerable. To provide a middle ground between complete access and maximum security, Betterment uses app-specific passwords to sync your external accounts.
Let’s say you want to sync your Mint account with Betterment, for example. Mint can generate a separate password that gives Betterment read-only access to your Mint account. You’re not sharing your login credentials, and it won’t give you or anyone else the ability to change your Mint account from within Betterment. But you can still see the information you need to make informed decisions about your money.
Keep your finances secure
At Betterment, we want you to reach your financial goals. It’s a lot easier to do that when you use financial services you can trust. We help secure your financial data through layers of encryption, hashing information we don’t need, and app-specific passwords that reduce your risk.