Wageso

Security

Last updated: January 2024

Security Overview

At Wageso, security is not an afterthought—it's the foundation of everything we do. We employ industry-leading security practices to ensure your financial data remains private, secure, and under your complete control.

End-to-End Encryption

Your data is encrypted using military-grade encryption before it ever leaves your device:

  • Client-side encryption: All data is encrypted on your device before transmission
  • AES-256 encryption: Industry standard for maximum security
  • PBKDF2 key derivation: Your master password generates unique encryption keys
  • Zero-knowledge architecture: We cannot decrypt or access your data

Data Protection

We implement multiple layers of protection to safeguard your information:

  • Local-first approach: Your data stays on your devices by default
  • Encrypted storage: Even local data is encrypted at rest
  • No plaintext transmission: Data is never sent unencrypted
  • Secure protocols: All communications use TLS 1.3

Infrastructure Security

Our infrastructure is designed with security as the top priority:

  • TLS 1.3 encryption for all data in transit
  • Secure cloud infrastructure with enterprise-grade protection
  • 24/7 security monitoring and threat detection
  • Regular security updates and patches

Authentication & Access Control

Multiple layers of authentication protect your account:

  • Master password: Your key to decrypt all data
  • Biometric authentication: Fingerprint and face recognition support
  • Device-based security: Automatic locking when inactive
  • Session timeout: Automatic logout for added security

Open Source Transparency

We believe in transparency. Our core security implementations are open source, allowing independent security researchers and developers to audit our code and verify our security claims.

Security Audits

We regularly conduct internal security audits and welcome responsible disclosure from security researchers. Our commitment to security includes continuous improvement and adaptation to emerging threats.

Security Best Practices

To maximize your security, we recommend following these best practices:

  • Use a strong, unique master password
  • Create regular encrypted backups of your data
  • Keep the app updated to the latest version
  • Secure your devices with passwords and biometric locks

Security Incident Response

In the unlikely event of a security incident, we have established procedures to respond quickly, minimize impact, and keep you informed. Our zero-knowledge architecture ensures that even in worst-case scenarios, your encrypted data remains protected.

Security Contact

If you discover a security vulnerability or have security-related questions, please contact our security team:

Email: security@wageso.com

Security Updates

This security documentation is regularly updated to reflect our current practices and any changes to our security measures. We are committed to maintaining the highest standards of security for your financial data.