Security
Your financial data deserves the highest standard of protection.
SOC 2 Type II certified. Bank-grade encryption. Zero-trust architecture. Security is not a feature — it is the foundation.
Infrastructure
Built for financial data from day one.
All financial data encrypted with 256-bit AES. Database-level encryption with customer-managed keys available on enterprise plans.
TLS 1.3 enforced on all connections. Certificate pinning for mobile clients. HSTS with a one-year max-age.
Hosted on AWS with multi-AZ redundancy. VPC isolation between customer environments. No shared tenancy on data stores.
SSO via SAML 2.0 and OIDC. Mandatory MFA for all team members. API keys with granular scoping and automatic rotation.
Role-based access with least-privilege defaults. All data access logged and auditable. Session timeouts enforced.
Real-time intrusion detection. Automated vulnerability scanning. 24/7 security operations center with <15 minute response SLA.
Data handling
How your financial data moves through Cache.
Bank credentials handled exclusively by Plaid. Cache never sees or stores your login information.
Transaction data flows over TLS 1.3 encrypted channels from Plaid to our ingestion layer.
Data encrypted at rest with AES-256. Stored in isolated, single-tenant database partitions.
API requests authenticated via scoped tokens. All queries logged with full audit trail.
Certifications
Independently verified. Continuously audited.
Independently audited annually. Report available under NDA.
Full compliance with EU data protection regulation. DPO appointed.
California Consumer Privacy Act compliance. Data subject rights honored.
Payment card data handled through PCI-compliant processors only.
Responsible disclosure
Found a vulnerability?
We take security reports seriously. If you believe you have found a security vulnerability in Cache, please report it to our security team. We commit to acknowledging reports within 24 hours and providing regular updates on remediation progress.
security@usecache.com