Trust
How we protect your data and your family's money.
At Pari, security is at the foundation of everything we build. We are committed to protecting our users’ financial data, transactions, and personal information using industry-leading security practices, rigorous access controls, and trusted institutional infrastructure.
We build security into the Pari platform from the ground up, utilizing the principle of least privilege (restricting data access strictly to those who need it) and a defense-in-depth strategy to protect our infrastructure at multiple layers.
Access to internal Pari administrative tools, hosting infrastructure, and codebase repositories requires mandatory multi-factor authentication.
Our application infrastructure runs on highly secure, isolated cloud servers. We continuously monitor our cloud environment for security events, anomalies, and unauthorized access attempts.
To ensure maximum security for your capital and sensitive banking details, Pari partners with leading fintech infrastructure providers. Pari does not store your bank credentials or hold user funds directly on our servers.
| Partner | Role | Security Standard |
|---|---|---|
| Plaid | Bank Authentication & Aggregation | Uses Advanced Encryption Standard (AES 256) and Transport Layer Security (TLS) to securely connect your bank to Pari without exposing credentials. |
| Bank Partners | Identity Verification & Transfer Automation | Orchestrates secure money movement, automates financial routing, and ensures compliance with strict KYC (Know Your Customer) and AML (Anti-Money Laundering) regulations. |
We welcome and appreciate the work of independent security researchers in helping us keep the Pari community safe.
If you believe you have discovered a security vulnerability in the Pari application, website, or infrastructure, please report it to us immediately by emailing security@pariapp.com.
Please include:
We ask that you give us a reasonable amount of time to investigate and remediate the issue before making any information public, and that you do not attempt to access, modify, or exfiltrate any actual user data during your research.