Security

Where we are today

FinLink has not yet launched the live product. No bank credentials, account balances, or transactions are stored or processed by the Service in its current form. Right now the Service consists of an informational website and a waitlist that collects email addresses. This page describes how we protect that limited data, and the security model we are building toward for the live product.

Infrastructure

• Hosting. The site, API, and database run on Cloudflare — Workers for application code, D1 for the waitlist database, and Email Routing for notifications. Cloudflare operates the underlying network and physical infrastructure under SOC 2 and ISO 27001 controls.
• Transport security. All traffic to finlink.ag is served over HTTPS with modern TLS. HTTP requests are redirected to HTTPS at the edge.
• Network controls. Per-IP rate limiting on the waitlist endpoint blocks high-volume signup abuse. A honeypot field rejects naive form bots.
• Email. Waitlist signup notifications are delivered to a single internal inbox via Cloudflare Email Routing.

Data handling

• Only the data described in our Privacy Policy is collected — primarily your email address, plus rate-limit/abuse metadata (IP, country, User-Agent, signup time).
• Waitlist records live in a Cloudflare D1 database; access is restricted to the FinLink Workers application and to operators with administrative credentials.
• We do not sell waitlist data and do not share it with third parties for their own marketing.

What we do not do (yet)

We want to be explicit about what the current Service does not do, so that nobody assumes a security guarantee that hasn’t been made:

• We do not connect to bank accounts.
• We do not hold OAuth tokens, API keys, or credentials of any kind on your behalf.
• We do not process transactions or move money.
• We do not yet offer single sign-on, two-factor authentication, or user accounts, because there is no account to log into.

When any of these change, this page will be updated, and waitlist members will be emailed before the new functionality goes live.

Security model for the live product

The live FinLink product is being designed around the following principles. This is forward-looking and will be revised as the implementation matures:

• Read-only by default. Agent integrations will be scoped to the minimum permissions needed for the user’s request.
• No long-lived bank credentials on our servers. Bank connections will go through regulated aggregator partners that hold the credentials; FinLink will hold short-lived access tokens scoped to the user’s session.
• Encryption at rest and in transit. All sensitive fields stored by FinLink will be encrypted; transport remains HTTPS-only.
• Auditability. Every agent action will be logged so the user can review what happened and revoke access.
• Independent review before launch. We intend to complete an external security review before opening connections to live bank data.

Reporting a vulnerability

If you believe you have found a security issue in finlink.ag, please email security@finlink.ag with details. We ask that you:

• Give us a reasonable opportunity to investigate and fix the issue before public disclosure.
• Avoid accessing or modifying data that does not belong to you.
• Avoid testing that could degrade the Service for other users (volumetric attacks, denial of service, automated scanning at high rates).

We will acknowledge legitimate reports within 5 business days and keep you informed as we work toward a fix. We do not currently run a paid bug bounty, but we are happy to publicly credit researchers who report responsibly.

Contact

General security questions: security@finlink.ag.