How we protect your financial data.
All communication uses TLS 1.2/1.3. HSTS prevents protocol downgrade attacks. Content Security Policy blocks unauthorized script injection.
Via Plaid (SOC 2 Type II certified). Your credentials go directly to Plaid โ DuoBudgets never sees them. Read-only access only. All Plaid API calls have a 30-second timeout to prevent hanging connections.
Every record is tagged with a household ID. Every API request verifies household ownership. It is technically impossible for one household to access another's data.
Passwordless SMS PIN login. PINs expire after 10 minutes and are single-use. Brute force protection locks accounts after 5 failed attempts โ 15 minute lockout. Biometric login via WebAuthn. Sessions stored in PostgreSQL, expire after 24 hours of inactivity. Sign out all devices at any time from Settings.
Receipt images are stored in Cloudflare R2 with private access only โ never publicly accessible. File content is verified by magic bytes (not just extension) before storage. Access requires an authenticated session and verified ownership of the associated budget entry.
We collect only what's needed, never sell data, and support data export and deletion. Contact [email protected] for privacy questions.
Found a vulnerability? Email [email protected]. We respond within 48 hours.