Your financial security is our top priority. Luna Money implements bank-level security measures to protect your data and ensure your privacy.
256-bit Encryption
All your data is encrypted using AES 256-bit encryption at rest and TLS 1.3 in transit - the same security used by major banks.
Read-Only Access
We have read-only access to your financial accounts. We cannot move money, make transactions, or change your accounts.
No Password Storage
We never store your bank login credentials. Authentication is handled securely through Plaid's encrypted token exchange.
Enterprise Infrastructure
Hosted on Vercel with Firebase backend, featuring automatic backups, multi-region redundancy, 24/7 monitoring, and Google Cloud Secret Manager for sensitive data encryption.
How We Protect Your Data
Multi-Factor Authentication
Optional 2FA adds an extra layer of security to your account with time-based codes.
Secure Session Management
Sessions expire automatically and are tied to your device for added security.
Regular Security Audits
We conduct regular security reviews and monitoring to identify and address potential vulnerabilities.
Advanced Threat Detection
AI-powered fraud detection with behavioral analysis and risk scoring.
Smart Rate Limiting
Context-aware API protection with operation-specific security controls.
App Check Integration
Firebase App Check with reCAPTCHA v3 prevents bot attacks and API abuse.
Banking Partner Security
Powered by Plaid
We partner with Plaid, a trusted financial technology company used by major apps like Venmo, Robinhood, and Coinbase.
SOC 2 Type II certified
ISO 27001 and ISO 27701 certified
Encrypted end-to-end connection to your bank
Never stores your login credentials
Your Privacy Rights
We Never:
Sell your personal or financial data
Share your data without your consent
Store your banking passwords
Access your money or make transactions
You Always Can:
Request access to your data (contact privacy@lunamoney.io)
Delete your account instantly through Settings → Delete Account
Disconnect bank accounts instantly
Control your privacy settings
Our Security Commitment
While we're a growing startup, we take security seriously and follow industry best practices:
Privacy-First Design
Following privacy best practices, working toward GDPR compliance
Secure Infrastructure
Enterprise-grade hosting and monitoring
Regular Updates
Continuous security improvements
Transparent Practices
Clear data handling policies
Growing Stronger: As we grow, we're working towards formal certifications including SOC 2 and full GDPR compliance documentation.
Advanced Security Features
Luna Money implements cutting-edge security beyond industry standards:
Behavioral Fraud Detection: AI algorithms analyze usage patterns to detect anomalies
Device Trust Scoring: Multi-factor device authentication and fingerprinting
Operation-Specific Security: Different security levels for read/write/sensitive operations
Real-Time Security Monitoring: Automated threat detection with instant response
Security Best Practices
Help Keep Your Account Secure
Use a strong, unique password for your Luna Money account
Enable two-factor authentication for extra security
Never share your account credentials with anyone
Keep your app updated to the latest version
Report any suspicious activity immediately
Data Access & Analytics
Your Financial Data: Luna Money stores and accesses your transaction history, account balances, and financial preferences to provide our service. This data is associated with your account and used for service delivery, customer support, and improving our features.
We use Google Analytics and Sentry for app performance monitoring. While we strive to minimize personal data in analytics, some technical information may be collected to improve our service.
Our Commitment: While we access your data to provide our service, we never sell your personal or financial information to third parties for marketing or advertising purposes.
Questions About Security?
Our security team is here to help. If you have any questions or concerns about your data security, please don't hesitate to reach out.