Your financial data deserves the highest level of protection
Security is not optional at Finance.HDdev β it's the foundation of everything we build. Discover the measures we put in place to protect your information.
Encryption
Fernet/AES
Compliant
GDPR
Certified
PSD2
Hosting
100% European
Security
Bank-grade encryption
All your sensitive data is encrypted with the Fernet standard (AES symmetric encryption + HMAC). Your information is unreadable without the decryption key.
Bridge API β ACPR-approved
Bank synchronisation goes exclusively through Bridge, a payment services provider approved by the ACPR (Autorite de Controle Prudentiel et de Resolution). Bridge is compliant with the European PSD2 directive.
No banking credentials stored
We never store your banking credentials. Authentication with your bank is done directly through Bridge, in a secure environment. We only have read-only access to transaction data.
Strict proxy architecture
No API key is exposed on the client side. All communications with third-party services go through our secure backend. Access tokens are encrypted and isolated per user.
GDPR Compliance
100% European hosting. Your data stays in Europe and is processed in accordance with the General Data Protection Regulation. You can export or delete your data at any time.
HTTPS enforced everywhere
All communications between your browser and our servers are encrypted via HTTPS/TLS. No data is transmitted in plain text. SSL certificates are renewed automatically.
Secure authentication with 2FA
Protect your account with two-factor authentication (2FA). In addition to your password, a temporary code is required at each login to ensure you are the only one who can access your data.
Regular security audits
Our infrastructure and code undergo regular security audits. We follow OWASP best practices and conduct penetration tests to identify and fix vulnerabilities.
How does secure synchronisation work?
You sign in
You authenticate directly with your bank through Bridge's secure interface. We never have access to your credentials.
Bridge retrieves your transactions
Bridge, ACPR-approved, retrieves your transactions in read-only mode. No banking operations can be performed.
Data encrypted and displayed
Your transactions are encrypted and stored on our European servers. They are then displayed in your dashboard.
A question about security?
Our team is available to answer all your questions about the protection of your data.