I think you’ll agree with me when I say that, for anyone looking to manage their money through a wealth management tool, safety is the ultimate feature.
If you don’t feel that your money is safe, you’re not going to (and you shouldn’t!) use any financial aggregator or tool. It’s your money – and you’ll want it to be protected by the company you choose. You’ll want to know that a platform you are using has safety as their highest priority – over everything else.
I often get asked if financial aggregators and wealth management sites are safe – and what measures they take to ensure user data is protected.
Whether it’s Personal Capital or Mint, trusting a site with your financial information can be daunting. I know the feeling very well – and, before I trusted any tool with my financial data, I spent a long time making sure I was choosing the safest and most secure option on the market.
So, today, we’ll be taking a closer look at Personal Capital security measures. Is it safe and secure to use? Should you be sharing your financial data with this financial management app?
Yes, Personal Capital is Safe & Here’s Why!
The short answer to this question is YES. Personal Capital is safe to use and track your finances, manage your spending and net worth, as well as plan your retirement.
Safety is Personal Capital’s priority – and the company does a lot to ensure their platform is secure for its customers. There are several reasons why it’s one of the most reliable financial management tools out there – and why 1.7 million registered users are trusting Personal Capital with their financial data.
Let’s look at each of these reasons in more detail so that you know exactly what Personal Capital does to keep your money safe.
With Personal Capital, your data is protected both at rest and in transit. Here’s why:
- AES-256 encryption. The company uses AES-256 encryption, which is the gold standard determined by NIST (the United States National Institute of Standards and Technology). In theory, it isn’t even crackable because the combinations of keys are massive. So, when you enter your bank information into Personal Capital, they encrypt it with AES-256 multi-layer key management, and that includes rotating user-specific keys and salts (random data used to safeguard passwords). And if you need more reassurance, you’ll know that AES-256 is at the top of the game because it is used by most major banks, brokerages, and even the US Government.
- No stored credentials. Personal Capital never store your login details – that data is encrypted and stored at Envestnet Yodlee – a specialist platform which powers many financial services and wealth management companies. The platform is regularly audited by the Office of Comptroller of the Currency. Here’s more information about Yodlee security processes.
- Internal access controls. This means that no-one working at Personal Capital can access your credentials. It’s completely off-limits.
Your communication with the tool is also protected. Here’s how:
- Strong encryption. Yup, encryption plays a role here too. All your online interaction with Personal Capital is encrypted, meaning that your data can safely get to Personal Capital servers without anyone taking a sneaky peek. Because it is encrypted, no hacker will be able to decipher what you’re communicating with Personal Capital servers.
- Enforced server-client integrity. Personal Capital requires its clients to use highly secure protocols. They prefer TLS 1.2 but also support TLS 1.1 and TLS 1.0. No less secure TLS or SSL protocols are allowed.
- Robust 2-factor authentication. Personal Capital requires 2-factor authentication, meaning that if you log in from a new or unknown device, you will need to confirm that it’s you via your phone or email (your choice). They also have extra mobile protection on iPhone with Touch ID authentication – and mobile-only PINs on Android and iOS. It’s something every financial institution should have to confirm your identity – but, surprisingly, many banks don’t.
Now let’s look at how well Personal Capital protects customers against fraud.
The good news is that you can quickly detect any suspicious activity on your accounts. Here’s why:
- All your accounts in one place. Linking all accounts allows you to get an accessible overview of all your financial accounts, so identifying fraud is easier. You don’t need to review multiple accounts one after another to find where the source of suspicious financial activity is – it’s all accessible on one dashboard.
- Daily Transaction Monitor. Personal Capital monitors all your transactions and allows you to request a Daily Transaction Monitor email listing all your financial activity seen that day. You don’t have to wait until the end of the month to review your statement – but can review it daily to ensure the highest level of protection. That’s a bonus because looking at transactions across all your accounts from weeks ago can be taxing and time-consuming. You probably won’t remember many of them, so identifying fraudulent activity becomes more difficult.
Personal Capital is Safer Than Your Bank
Yup, I said it – and I mean it. Personal Capital does everything your bank does – and more.
The truth is that, because it is read-only, Personal Capital isn’t an appealing target for hackers – you can’t transfer funds from one account to another, so accessing it could be seen as pointless.
Personal Capital’s 2-factor authentication is something not all banks have – and it does provide an additional layer of security. Having robust authentication is a crucial element in keeping your data safe.
Their top-level encryption is reliable and provides peace of mind to anyone considering linking all their accounts via Personal Capital.
And, because you never really have to enter your bank credentials when logging in to Personal Capital, that never gets transmitted. So, if a keylogger or malware compromise your computer, your accounts remain safe.
Is Personal Capital 100% Secure?
As much as we praise Personal Capital for what it’s doing to ensure your data is safe, the truth is that nothing out there is 100% secure.
Personal Capital takes security seriously and is doing a lot to protect your data – but no tool or bank is 100% safe. There always remains a small chance that hackers could attack a tool or platform you’re using.
That’s just one of those things we have to come to terms with in the digital society we live in – or else we’ll be keeping a stash of cash under our beds for the rest of our lives (which is also not the safest option!).
Protect Yourself From Hackers & Cyberattacks
It’s a make-or-break feature – and a major concern for customers worldwide. There were several major cyberattacks in 2019 – and, unfortunately, many more are probably yet to come. While many companies have cybersecurity strategies to keep your data safe, there are also things you can – and must – do to protect yourself from cyberattacks.
- Regular reviews. Regularly review your financial accounts so you can spot any unusual activity as soon as it happens – and prevent it from happening again. With Personal Capital’s dashboard, you can easily track your transactions and spot anything unusual.
- Choose good passwords. Strong passwords are really important if you want to stay safe in the digital world. The most important, perhaps somewhat surprisingly, is the password to your email – because if hackers get that right, they could use the “forgot my password” function to find out the passwords for all other accounts. Choose a password that uses a combination of upper case and lower case letters and is at least eight characters long. Don’t use consecutive numbers, words like “monkey,” or derivatives of your name. If you do choose to use a word, misspell it as much as you can – it’ll be so much harder to guess. And never write them down, or share them with anyone.
- Never ever click on suspicious emails. That’s a given – but you’d be surprised how many people still fall for this! Just opening a spam email is a way in for fraudsters. If you don’t know the sender, or it looks at least little suspicious – don’t open it. It should automatically go to junk folders – but if it doesn’t, you’re the one who has to make that call.
- Perform regular backups. If a ransomware attack happens, you’ll be pretty pleased if your files are backed up (and very frustrated if they’re not). Don’t risk losing all your files and data – back them up regularly.
- Use up-to-date software. Make sure your software isn’t outdated, particularly when it comes to operating systems. Most updates come with security improvements that could be very useful. Developers are working hard to continually feed their software with updates that fix bugs and additional cybersecurity measures – so, make the most of it.
Your Money is Safe with Personal Capital
So, there you have it. Now you know whether Personal Money is safe and secure to use – and why.
When choosing a financial aggregator to help you manage your finances more effectively, it is crucial to pick a company which prioritizes security. The company needs to prove to you that they are taking smart actions to make sure your financial data is safe and secure – and that they are going above and beyond to ensure that this security isn’t compromised.
The best way to do so is by using multiple layers of security, which is what Personal Capital does to ensure that your data and money is safe, and your information completely private.
That said, we also need to accept that nothing is 100% safe – as well as play our part in protecting ourselves against cyberattacks.
When it comes to my financial management, I feel comfortable using Personal Capital – but whether you decide to do the same is entirely up to you. I believe they have a high level of data protection, and I don’t feel worried about their security when it comes to managing my finances.
If you want to learn more about Personal Capital, why not check out my Personal Capital review?
Alternatively, check out my Personal Capital vs. Mint comparison to find out which tool is more suitable for your financial management.