Yodlee is a service that allows consumers to securely consolidate and manage their financial information on the web. If you've ever managed money online, chances are you've already trusted your information to Yodlee. Indeed, more than 200 financial institutions -- including 8 of the top 10 American banks -- trust Yodlee to help over 30 million consumers manage their finances online.
Why does digi.me partner with Yodlee?
To help our users pull in their transactional data, digi.me needs the ability to securely access their accounts. When you add an account to digi.me, we encrypt your login credentials and pass them to Yodlee for verification. This information may be stored in the US, compliant with the EU-U.S. Privacy Shield Framework. Once Yodlee confirms your credentials with the card issuer, it grants your digi.me "read-only" access to your transaction history. This means that you will be able to see descriptions and amounts for your purchases, and nothing else. Digi.me can not move money into or out of your accounts, nor can we change any aspect of them.
Is Yodlee Secure?
Yodlee has developed a patented information security platform to protect consumer data. This security infrastructure includes:
- Data and password encryption. All information transmitted to and from Yodlee is first encrypted using financial industry standard 128-bit encryption techniques. All data is securely housed in a server hosting space that provides enhanced physical security, fire protection, and electronic shielding.
- Network intrusion detection systems. Intrusion detection systems operate 24/7 to protect Yodlee's infrastructure from external attacks. In addition, multiple layers of firewalls guard against unauthorized access to the network.
- Physical security measures. Security personnel monitor the physical system around the clock. Access to servers requires multiple levels of authentication, including biometrics (hand-print scan) procedures.
- Rigorous audits and inspections. Yodlee's security infrastructure is regularly audited or inspected by independent firms and government agencies that specialize in security processes and technologies. This includes the frequent audit of network and security policies and procedures by the Federal Financial Institutions Council (government regulators) Payment Card Issuers (partner financial institutions), and Shared Assessments (a third-party assessment group that includes Deloitte, Ernst & Young, KPMG, PwC, and RSA).