Security at Abacus
Keeping your information secure is our #1 priority
We understand the importance of ensuring that sensitive company and personal information is secure. This underpins how we build Abacus and how we select our integration partners.
How is Abacus application data secured and stored?
Abacus application data is transmitted over a 256-bit encrypted channel (SSL). All expense data and card transaction details are stored in Amazon RDS and receipt images are stored in Amazon S3. All Abacus application data is backed up and data is stored for a minimum of 7 years. It will always be available for viewing or export either through the application or by contacting us directly.
How is my bank account information secured?
All bank account information is stored in Amazon RDS and encrypted at rest. Account numbers are always encrypted, and decryption is only possible with dedicated hardware in our private network. Bank login information you provide to connect with your Abacus account is stored with Plaid, one of our integration partners, who employ strict security policies for storing and accessing data.
How is my credit card information secured?
Abacus does not store any credit card account or login information within our system. All credit card information is stored with our data integration partners who each have their own security policies. Plaid regularly undergoes both internal and external network penetration tests, third-party code reviews, and PCI re-certification, as well as having completed a SOC 2 report. Their security policy also includes information on how data is accessed and controlled. Finicity holds AICPA SOC 2, Type I and PCI DSS 3.0 regulatory certifications. Their security policy also includes the use of multiple security technologies at the application, network, and database layers.