Charityvest uses bank-level security for all of its transactions and management of money in its personal charitable giving funds.

We hold our product to bank-level protection and protocols. That means your data is effectively sealed, as safe as money in a vault. Here are just a few of the security measures we employ:

  • We don't store sensitive financial information, such as your bank login information, or your bank account and routing numbers

  • We require HTTPS on all pages

  • All data is encrypted at rest and connections within our data center are made strictly over Transport Layer Security (TLS)

  • We tokenize ACH credentials and securely connect to the clearing house through our banking partners Plaid and Dwolla

  • We utilize Content Security Policy (CSP) to prevent cross site scripting attacks

  • We require significant levels of password complexity and multi-factor authentication for all users

  • We don’t send sensitive information like tax statements through email and require users to authenticate first before accessing their documents

If you have any questions about our security practices, or need to report a potential vulnerability, please email us at security@charityvest.org.

Did this answer your question?