Security at SnapTrade

SnapTrade follows strict procedures and processes to exceed industry standard practices. We make sure data is always secured and encrypted at rest and in transit. Your data is only shared with authorized apps and can be revoked at anytime within the app.

security for new investing

Our data security posture

User data belongs to the user

SnapTrade doesn't touch user data without their permission, which is authenticated only when they log in to their brokerage. Apps using SnapTrade must also agree not to sell or share user data without the users' expressed consent.

data belongs

Use OAuth-based authentication when available

Where possible, we authenticate using OAuth. However, not all institutions support OAuth access. In these cases, SnapTrade can only facilitate the connection using account credentials. These are treated with the highest possible sensitivity, and are stored and encrypted with AWS KMS.

password integrity

Data is secured at rest and in transit

All data shared between SnapTrade and authorized partner apps is secured by TLS and authenticated using a secure cryptographic signature for each request.

secured icon with logos

Regular penetration tests and bug bounties

We work with third-party security firms to conduct penetration tests and have a bug bounty program. In addition to that, we actively monitor all third party infrastructure to ensure they are secure with the latest security updates.

report image