Security
Security Philosophy
BananaBird-Stage is designed around the idea that personal financial data should be treated carefully, deliberately, and with restraint.
Security is not handled as a single feature. It is considered throughout the application, including authentication, authorization, data access, logging, and how financial information is entered and managed.
Account Protection
- Strong password requirements
- Email verification
- Optional Google sign-in
- Multi-factor authentication
- MFA recovery codes
- Recent password confirmation for sensitive actions
- Session regeneration after login
- Rate limiting across application endpoints
Data Protection
BananaBird-Stage does not connect to banks, brokerages, credit cards, or other financial institutions. This is intentional. There are no third-party financial data integrations.
All financial information is entered by you - manually or imported from files you provide. This limits the amount of external access involved and keeps you in control of what the application can see.
Application-level authorization checks are used to help ensure users can only access their own data.
Logging & Auditing
Security-related events are logged and audited so important account activity can be reviewed when needed.
This includes events such as authentication activity, MFA-related activity, account protection events, and other security-sensitive actions within the application.
Infrastructure Practices
BananaBird-Stage is deployed with a focus on protecting both the application and the infrastructure it runs on. Current practices include:
- Hosted on Amazon Web Services (AWS)
- Full disk encryption for production storage
- Encrypted HTTPS connections for all web traffic
- Firewalls configured to expose only required public services
- Administrative access restricted to authorized IP addresses
- Regular backups stored on encrypted storage
Privacy by Design
- No bank integrations
- No advertising
- No sale of financial data
- No financial profiling
- No third-party financial aggregation
Your Role in Security
Security works best when both the application and the user take reasonable precautions.
- Use a unique password
- Enable multi-factor authentication
- Keep recovery codes somewhere safe
- Review temporary users regularly
- Log out of shared or public devices
- Keep your browser and devices updated
Responsible Disclosure
If you believe you have discovered a security issue, please report it privately through the Support page.
Though we do not run a Bug Bounty program at this time, responsible reports are appreciated and will be reviewed seriously.
Continuous Improvement
Security is reviewed as BananaBird-Stage evolves. New features are evaluated for security impact, and additional protections may be added over time where they make sense for the application and its users.