With strong partnerships for account data aggregation and connections and to keep your credentials safe, we use Envestnet | Yodlee who maintains bank level security and is audited like a bank. The credentials stored are hardware encrypted using FIPS 140-2 level 2 HSM and the keys used for encryption cannot be accessed by anyone, including Envestnet | Yodlee employees. However, customers have the ability to unregister/delete a user or delete a provider account (user’s provider credentials) via an API that deletes all sensitive information of the user.