How is it ensured that no one has Access to my Bank Data unauthorized? - iOS-Version / Security - Outbank Helpdesk

How is it ensured that no one has Access to my Bank Data unauthorized?

Local data storage
Your data is only saved locally on your device and not stored on a server. Access to the app is protected by your master password. This was assigned by you when you set up the app the first time and can only be changed by you. Also, the master password is not stored on servers. There is no reset button or the possibility to request or change the password by email. Outbank can not change or restore the passwort.

Direct bank device communication
All communication between the Outbank App and your banks takes place directly between the financial institution and the device. There is no server in between. Other providers often use proxy servers to communicate with the bank. These servers know all bank credentials as well as the financial data of their users, what poses a threat to them. Outbank eliminates this threat by communicating always directly with the bank.

Encrypted data transfer
Every time your data is transferred, they are encrypted: both when they are transferred from bank to device and when you sync your data via Secure Sync. For this process, Outbank uses symmetric AES encryption, the world’s safest standard that is also used to secure government documents of the highest classification level.

Secure bank certificates
With a safety certificate, a bank verifies that their connection is trustworthy. In general, Outbank checks a certificate before every connection and automatically every 15 minutes using ‘active certificate pinning”. If an irregularity occurs or the connection has been tampered with, Outbank will immediately terminate the connection to the bank. This ensures that the app really only communicates with your bank and no one unauthorized is getting any information (e.g. through a man-in-the-middle attack).

For more information please click here.