FinLocker is committed to securing the consumer’s data by treating it as if it were its own. The following highlights FinLocker’s security and privacy measures.
FinLocker uses encryption to protect the transmission of the consumer’s data to and from our websites. This measure aims to prevent others from accessing the consumer’s personal information. Transmission of data over the public internet is secured with TLS 1.1 or higher.
Secure Data Centers
State of the art security is used to protect the data stored within our data centers. We utilize the Microsoft Azure Cloud, which houses data from major financial institutions, many Fortune 500 companies, and governmental agencies. All data is housed in Microsoft’s U.S. data centers. The Microsoft Azure data centers use state of the art systems to ensure security and system availability. In addition they are manned around the clock by security personnel.
External Security Assessments
FinLocker utilizes independent, third-party security experts to assess our system for vulnerabilities and validate appropriate security controls and protection. Several types of tests are performed on a recurring basis including web application vulnerability assessments and external penetration tests. FinLocker has obtained a SOC 2 Type 2 from a top 4 audit firm and will continue to assess annually.
Access to the consumer’s connected accounts is read-only. Neither our systems nor the lender’s access to the consumer’s financial accounts have any ability to initiate or modify transactions of any type. They cannot perform any action that would in any way cause any financial transaction to occur. The consumer’s financial account data remains with their bank, brokerage, or credit card company; FinLocker only captures a copy of the data retrieved by the parties the consumer has granted access. Full transparency is available to the consumer. The consumer has the option to stop access to their financial accounts.
Firewalls and Other Security Precautions
FinLocker has a variety of state of the art technologies to protect the consumer’s information such as firewalls, intrusion prevention systems, inherent security and monitoring by Microsoft of the Azure data centers, networks, and servers. We continually upgrade and refine our security technology, policies, and procedures to evolve rapidly as security threats continue to change.