We truly understand that Kubera is storing your sensitive data and protecting it is our highest priority.
These are answers to some of the questions you may have in mind right now.
If you have more questions, just email us at email@example.com. We are happy to answer them.
Kubera uses third party financial account aggregator services - Plaid, Yodlee, Salt Edge - to connect to your bank and brokerage accounts. Your banking credentials are directly sent to the respective service from your browser. Kubera servers will never see your credentials. Plaid, Yodlee and Salt Edge provide a read-only interface to Kubera; therefore Kubera cannot make any transactions on your behalf.
For Crypto exchanges and wallets your account credentials are entered directly on the respective service's official oAuth pages. Connections that require API key/Secret key/Passphrase or a combination of these, Kubera only requires read-only permissions. For certain wallets like Bitcoin, Ethereum, Ripple, Doge, etc, we only need the Blockchain Address.
The data in Kubera is encrypted at-rest and in-transit.
It’s NOT end-to-end encrypted.
When you think of online security the first thing that comes to your mind is encryption. You may have also heard of ‘end-to-end encryption’ as the gold standard for security.
What is end-to-end encryption?
End-to-end encryption makes the data encrypted or unreadable by the very service or the app you used to create it, because the app simply doesn't hold the keys to decrypt it. It’s only readable by the user who holds the key to decrypt it and no one else.
Your data in Kubera is NOT end-to-end encrypted, because it will not allow Kubera to deliver several fundamental features of the service, e.g, background syncing, ensuring safe transfer of your data to your beneficiary as simple Excel and Zip files and many more. Even though we can’t do end-to-end encryption, your data in Kubera is indeed encrypted at-rest and in-transit.
What are at-rest and in-transit encryption?
At-rest encryption: All our databases and files storage in Amazon (AWS) servers have their content encrypted while sitting idle and when they’re backed up. This protects against unauthorized copying, transfer or retrieval of user data from our servers. Even if someone was somehow able to get hold of a backup of the database, it’d be useless, because they wouldn’t have the key to decrypt it.
In-transit: Your data when in transit from ours servers to your browser requires HTTPS on all pages, and uses HSTS to ensure browsers only ever connect to us over a secure connection.
First of all, we don't store any of your banking credentials (See the answer to the question: Does Kubera have access to my online bank and crypto account?). If Kubera servers were to be breached, your banking credentials are totally safe.
Secondly, all your data in Kubera is encrypted at rest on Amazon servers. So, even if someone hacks in and gets hold of a backup of the database, it’d be useless, because they wouldn’t have the key to decrypt it.
Kubera uses HTTPS on all pages, and HSTS to ensure browsers only ever connect to us over a secure connection. So, someone hacking into your data on transit is less likely.
TL;DR: Our engineering lead has the decryption keys to look into the user's data during the routine maintenance, debugging, or servicing of the system. Their access is logged and needs to be approved by our compliance team for any such use.
Our internal tools mask all personally identifiable information that our operations staff sees. Technically the database administrators have access to the encryption keys, however our employment agreements make it legally binding for any such employee with access to the keys to not decrypt or unmask user data. We also have a strict 2FA factor in place which prevents hacking of such admin accounts.
It still means that ultimately someone at Kubera could access your personal data. Data is unmasked strictly on a need-to-know basis. Only the people who need access to improve or operate the system can unmask and access data. And when they do their routine maintenance, debugging, or servicing of the system, they're required to state the valid consent or justification for the specific access session. We maintain an audit trail for all data access sessions and review them periodically. We do background checks for all employees who have access to sensitive data. If an employee ever wrongly accesses customer data through this system, they will be caught, and will face penalties ranging from termination to prosecution.
Just to be on the safer side, you should not store any information in Kubera that’s highly risky when fallen into the wrong hands. Please don’t store any password, credit card numbers, crypto wallet private keys in Kubera in order to transfer it to the beneficiary. You should store only enough information or documents that would help you track your wealth and for your legal heir to know and claim your property.
If your data sharing needs requires end-to-end encryption, don’t use Kubera. We highly recommend you to look at Password Managers like LastPass and 1Password.
The simplest and quickest way to sign up to Kubera is by using your Google ID. If you already have Two-factor authentication (2FA) set for your Google account, you are all set.
If you have signed up by creating a Kubera username and password, it's recommended that you enable 2FA for your account. Go to Settings > Security > Two-Factor Authentication to set it up.
2FA adds an extra layer of security for your Kubera account. Instead of only entering a password to log in, you’ll also enter a code (OTP) you typically receive as a text message on your phone. You can also use a TOTP authenticator app like Microsoft Authenticator, Google Authenticator, Authy to get your OTP. So, even if someone steals your password, they won't be able to access your account unless they also get hold of your phone and enter the OTP.
Kubera NEVER sells your data.
Kubera is funded solely by your subscription fee.
In some specific instances when data is shared with 3rd parties (mostly for analytics), Kubera makes sure they don’t sell it either.
When you delete your account, we delete all your data from our primary database immediately and notify our aggregators to stop connecting your account and delete everything from their end.
We keep rotating backups for 30 days. Your data will be removed from the backup in the next backup purge cycle.
We’re engaging with external security firms to review our application security. We are committing to work with renowned security experts to audit our internal and external security practices on a regular basis.
If you believe you've found a security issue in our product or service, we encourage you to let us know at firstname.lastname@example.org. Here's our Vulnerability Disclosure Program.