Security at Covet
At Covet, your security is our priority. We implement industry-standard practices to protect your personal and financial data, ensuring peace of mind for our users.
HTTPS/SSL by default
Industry standard encryption by default within Covet.
Encrypted data at rest
Backups are taken every day and are retained for 7 days.
2FA enabled by AWS
Verification of your email or phone number required for every log in.
Bank integration with Plaid and OAuth
Covet does not store any username or passwords for your banks and instead store a Plaid token to access your bank accounts.
Image and Document encryption and access protection
Covet uses the default AWS managed key option (SSE-S3), Amazon S3 uses one of the strongest block ciphers—256-bit Advanced Encryption Standard (AES-256) to encrypt each object uploaded to the bucket.
Access to images and documents are only visible by the logged in user using AWS 2FA and folder user access protection.