Your financial data is highly sensitive. We protect it using the same encryption standards and regulatory frameworks trusted by the world's leading financial institutions.
All sensitive data stored on our servers is encrypted at rest using the Advanced Encryption Standard (AES) with 256-bit keys. This is the cryptographic standard approved by the U.S. government for protecting classified information and used by banks worldwide.
Whenever your data travels between your device, our servers, and our banking partners, it is secured using Transport Layer Security (TLS 1.2 or higher). This ensures your data cannot be intercepted or modified in transit.
Aura operates as an Account Information Service Provider (AISP). We have read-only access to your transaction history, and nothing more. It is physically and technologically impossible for us, or anyone using our app, to move your money, initiate transfers, or alter your bank accounts.
We connect to your banks through heavily regulated Open Banking APIs established under the European Union's Revised Payment Services Directive (PSD2). We partner with licensed, compliant aggregators to ensure a secure, tokenized connection that never exposes your actual bank login credentials to us.
Your core financial data (accounts, transactions, and balances) is stored exclusively on EU-based servers in the Google Cloud EU region, which is ISO 27001 and SOC 2 certified, in full compliance with GDPR. Certain service partners (AI processing, analytics, and subscription management) operate in the US under Standard Contractual Clauses (SCCs), as detailed in our Privacy Policy.
We require secure authentication for all API access. To open your Aura dashboard, the app supports biometric authentication (Face ID / Touch ID) and a secure PIN code, so that if you lose your device, your financial insights remain locked.
PSD2, the EU's Revised Payment Services Directive (Directive (EU) 2015/2366), is the law that regulates how third-party apps may access your bank data. Under PSD2, licensed providers like AuraInsights can connect to your bank with your consent and read your transaction history. That is the full extent of the access. PSD2 explicitly prohibits payment initiation, balance modification, and credential access for Account Information Service Providers.
In practice: we can see your transactions. We cannot touch your money. Ever.
All data is stored in EU-based servers. Under GDPR you have the right to access, correct, or delete your data at any time. You can export your complete transaction history in CSV format from the app, and request full account deletion at any time by contacting support@aurainsights.ai.