Keeping your financial information safe and secure.

If the information below doesn't answer your questions on security, drop us a line and we'll try and help further.

How do you secure what I enter into the site?

We're trying to make it simpler and easier for you to manage your financial portfolio. To do that, we provide a single place — moneyvault.co.uk — for you to store your information. That way trusted advisers (including us) can offer improved advice and services like a snapshot of your current net worth.

 

One of our main priorities is therefore to ensure that you feel comfortable uploading your financial information to the site.

 

All communication between you and the site is encrypted over something called Secure Socket Layer (SSL). This is the same technology that is used when you enter your credit card details into an eCommerce site or communicate with your bank.

 

That means that in the address bar above you should see https as well as seeing a padlock symbol somewhere in your browser, e.g. this is Chrome: SSL in Chrome

 

We also use encrypted session cookies. These are small data files that sit on your computer to help you use the site and to further protect your information.

 

What all this means, is that you can feel comfortable that the information you enter into moneyVault is submitted to use in a secure fashion.

How does my data stay secure?

Once you've provided us with your financial information it is stored on our servers. These servers are hosted by Heroku — using Amazon's cloud platform — and are housed in a highly secure data centre.

 

Needless to say, we couldn't wish for a more robust and secure backend to our service. We choose to partner with others so that we can focus on building a great service for you. Amazon and our other partners are world-renowned for their service and the security of the information that is stored with them.

How is my account secured from others?

Your account password is not stored in a readable format in our database but hashed and encrypted. When you log in, your email address, password and PIN are communicated through SSL (see above) encryption layers and your password is compared to the hashed value. We also use encrypted 'cookies' to create a secure user session between your computer and our servers.

 

What all that means is that only you know your password (as long as you can remember it!) and that — along with your PIN code — secures access to your financial information.

 

So, as long as you use a password and PIN that are hard to guess and keep those details private, your account will be secure. Of course, if you choose to, your financial adviser can have access to your financial information to be able to provide a better service and good advice. However, you can remove any adviser from having access to your account at any time and they are never able to change your password, PIN or login details.

 

Also, any changes that are made to your password, PIN or email address are confirmed via email as an added level of security so you are always notified if anything changes.

 

Finally, having logged on, if we detect that you haven't used your account within the last 25 minutes then we will automatically log you out to further protect your financial information.

How is my data protected against loss?

All financial information is stored in a database that is backed up daily. In addition, each change made to your data is stored in an audit trail along with details of who made the change.

 

In the event of loss of information then our backups and audit trail will allow us to restore the affected data.

What can I do to protect my information?

You certainly play a part in ensuring that your information remains secure; especially by using an effective password and PIN. You should use a unique password and PIN for moneyVault and change them periodically or if you have any reason to believe they have been compromised.

 

Also, we will never ask you for your password or PIN in an email. Should you receive an email from moneyVault that requests your password or PIN please do not reply and instead forward the email on to us.

Who has access to my information?

If you have accepted an invitation from your financial adviser through moneyVault then all of your financial information is visible to that adviser. You can choose to revoke their permissions to see your information if you need to but under normal circumstances you shouldn't need to.

 

In the event of data loss from your account, our engineers will have access to your account to restore your data. However, they will not have access to your password and will never ask you to divulge that information. Once your data is restored, it will remain protected by your password and PIN.