Privacy and security mean 2 different things to us
We created a robust security architecture from day one, using industry best practices and a security framework that features layers of data protection to keep your information safe. We make sure that your data is not accessible or readable by hackers, our hosting partners or even our own employees.
We’re obsessed with keeping your data private. That’s why we created Onist using privacy-by-design principles. You always own your data and we will never sell it to anyone.
Our security features
Server and database security
Onist uses a combination of security best-practices including:
- Layers of internal and external firewalls – the locks on the front, back and side doors protecting your data and documents, so no one can access our database or your information.
- Server hardening – multi-layered security of servers and applications reinforces our servers so no one can access them.
- Application controls, elaborate secret keys and password verification.
- Access roles – ensure your information is only accessible by the people you share it with.
It’s also important to note that Onist is a read-only platform, so we do not have access to see or store your financial account credentials.
Onist goes above and beyond the security practices of most financial institutions by anonymizing your data. We do this by storing your data in 2 completely separate databases:
- The 1st database contains your encrypted personal data, meaning the data that can identify you, like your name and email.
- The 2nd database contains your financial data in a pseudonymized and encrypted form, in a separate system with its own access keys.
3 Levels of data encryption
Onist uses 3 tiers of encryption:
- We encrypt your financial data as it moves between your computer, Onist and the bank when your accounts are refreshed to protect you from ‘eavesdroppers’.
- We encrypt your personal and financial data within Onist, so anyone who tries to view it would find no recognizable or useful information.
- We encrypt your extra-sensitive financial data and documents on your computer before you upload anything to Onist, so even our vendors and employees can’t read your information.
All data within the Onist platform is encrypted using sophisticated encryption algorithms, including a 2048-bit Extended Validation SSL certificate and 256-bit encryption. User data is encrypted at rest using the AES-256 algorithm.
Partners & certifications
Onist works with global leaders in data security to ensure that your information is always safe.
DigiCert’s Extended Validation (EV) SSL certificates use the highest level of authentication and identity assurance. They use the most secure encryption available and support SHA-2 algorithms. With 2048-bit encryption used in root certificates, DigiCert’s hybrid cryptosystem benefits from the best features of both symmetric and asymmetric encryption.
Yodlee provides seamless, secure integration of user accounts from over 15,000 international financial institutions. Yodlee is by far the most widely used data aggregation platform in the industry today, with over 600 companies as clients (including Bank of America, Citigroup, HSBC, PayPal and Amazon.com), and is trusted by over 20 million end customers worldwide.
TRUSTe has verified Onist’s privacy practices against TRUSTe Privacy Standards using a combination of best-practice technical and manual methodologies.
The Amazon Web Services data center and network architecture is built to meet the requirements of the most security-sensitive organizations and is trusted by leading global financial institutions including NASDAQ, Capital One, Pacific Life and National Bank, to name a few.
KPMG is a global network of independent member firms offering audit, tax and advisory services. KPMG cyber security professionals worked with Onist to identify, assess and remediate any security vulnerabilities within the IT system.
Data privacy and ownership
Onist shares your data with no one. It will never be part of our business model to share or sell our users’ data. Our privacy architecture is based on privacy-by-design principles, a framework that was developed by a joint international committee to ensure greater privacy and consumer control over your own data. This means that you, and only you, own and control your financial data completely. You can delete your data or your account at any time.