Thousands of investors trust us to track over
$2,231,384,188 of their assets.
We know that security is paramount. That’s why Wealthica uses cloud services provided by Amazon Web Services (AWS) and managed by a team with over 20 years of experience in the web hosting industry. AWS’ data centres are certified ISO 27001, SOC 2 (Type II), PCI DSS (Level 1), FISMA, and many more. We also work closely with renowned firms (BCF, Raymond Chabot) for legal, audit, tax and advisory services. Finally, we do daily vulnerability scan on our website to ensure continuous security.
We use the latest technologies and have strict processes in place to protect your financial information. The credentials you entrust us are encrypted, and none of our employees can access them. Our database administrators don’t have access to the encryption keys used.
We've added two factor authentication in your Wealthica account for enhanced security. When enabled, a security PIN is sent to your smartphone to authorize login from a new device. That way, with your Wealthica credentials alone, it's impossible to access your financial information and account balance.
Wealthica only reads and saves your brokerage data to build a visual dashboard of all your financial investment. Trading, funds withdrawal, money transfer or other transaction is impossible through the platform to keep your money safe.
Network Solutions validated Wealthica as an organization and verified our identity. In addition, SiteLock verifies our site security every day and protects you from spam, viruses and scams. Look for the SiteLock and NS Assured seals when you sign up or login to Wealthica.
After connecting your investment accounts to Wealthica, you can easily review new transactions across all your accounts and detect any suspicious activity. You can also choose to receive a daily review of new transactions by email, making it easy to monitor your accounts for suspicious activity. You will also always receive an email notification from Wealthica whenever there is a login from a new location, and your login history will always be available through your dashboard.
In most cases, your credentials are needed to establish a secure connection between Wealthica and your financial institution. In the process of adding your financial institutions to Wealthica we will ask for your credentials and ask you to answer your security questions. While we will securely store your credentials, we will never store the answers to your security questions (or transaction PINs). Someone stealing your credentials and attempting to login from a new device would be asked to provide those answers and won't be able to login.
We first need to establish a secure connection between Wealthica and your financial institution. We use API authorization or your credentials to retrieve your investment portfolio and collect your financial data.
Many financial institutions allow us to collect investment data through portals with "read-only view" (no access to execute transactions) which eliminates the risk of someone being able to move your money.
Some brokerage institution, on the other hand, allow API access (i.e. Questrade, Wealthsimple or Interactive Brokers). Wealthica will always favor this option since you don't have to share your account credentials. API authentication is considered, by industry standards, to be the best and most secure method.
Your credentials are needed to establish a secure connection between Wealthica and your financial institution. This allows us to collect your financial data and build your Wealthica dashboard and reports. Read the information above to learn more about how we collect your investment data securely.
We built Wealthica for us and are using it daily to track our personal investments. We plan to monetize the Wealthica Dashboard by offering paid add-ons in the future. We also, offer a paid version of the Wealthica API that allows financial technology software providers to offer custom dashboards and use our data collection and aggregation technology to power their in-house software.
Wealthica supports two-factor verification (2FA) and is strongly recommended to protect your account. When configured, a unique temporary code will be required with your password in order to login to Wealthica. This code can be delivered through your mobile by SMS or generated through an application installed on your mobile. This feature can be enabled easily in the preference page of your Wealthica dashboard.
Wealthica maintains compliance with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA) and the European General Data Protection Regulation (GDPR). Wealthica has many documented policies to support our commitment toward data privacy and information security.
Wealthica uses cloud services from Amazon Web Services (AWS) located within the Canadian region (Montreal), including servers, databases, and object storage. Your personal data is stored in Canada. However, we still use some services provided by AWS in the US to process some of your data. These services were and/or are still not available in Canada but our goal is to migrate all services in Canada as soon as possible and/or available.