RightCapital Guide
      Back to home
      1. Advisor Wealth Management Help Center
      2. RightCapital Guide

      RightCapital Data Security

      RightCapital uses NSA security level encryption.

      In order to build a robust and holistic financial plan, you must link your accounts to RightCapital. Rest assured that this does not give Advisor Wealth Management access to any of your accounts. We will not have access to any of your banking credentials, as those are stored in encrypted channels approved by all of the financial institutions that RightCapital integrates with. 

      RightCapital cannot be used to make transactions. Your data is read-only, and we use this data to do activities like creating budget reports, and tracking your investments, loans, and other accounts integral to your financial plan.

      RightCapital Security Details

      DATA IN TRANSIT

      • All data transmission between your computer and our servers is encrypted, using industry-standard HTTPS protocol.

      • Our HTTPS implementation is rated A+ by independent Qualys SSL Labs.

      • Our SSL certificate uses 2048-bit asymmetric and 256-bit symmetric encryption.

      • We use HTTP Strict Transport Security (HSTS) to ensure only secure connections can be used for our website. Our website is accepted by and built in to Google Chrome, IE 11, Edge, and Firefox for this purpose.

      • Our servers take advantage of Perfect Forward Secrecy (FPS) to protect data transmission for modern web browsers. With forward secrecy, all past communication confidentiality is maintained even when a long-term secret key is compromised.

      DATA AT REST

      All your personally identifiable information — including your name, email, address, and uploaded documents — is encrypted when we store it. Such data is encrypted using AES-256.

      TWO-STEP VERIFICATION

      Two-step verification secures your account by requiring something you possess (your mobile phone), in addition to something you know (your password), to access your account.

      Once enabled, you’ll need to enter a verification code from your mobile phone to log in. This protects your account from unauthorized access even when your password is compromised.

      WE DO NOT SAVE YOUR CREDENTIALS

      All of your banking credentials are managed by Envestnet | Yodlee, and RightCapital does not store your credentials. RightCapital communicates with Yodlee via an encrypted data link.

      Envestnet | Yodlee is a leading data aggregation and data analytics platform powering dynamic, cloud-based innovation for digital financial services. More than 1,000 companies, including 11 of the 20 largest U.S. banks and hundreds of Internet services companies, subscribe to the Envestnet | Yodlee platform to power personalized financial apps and services for millions of consumers.

      For additional information see: Yodlee’s commitment to its clients and their customers.

      NO ONE CAN MOVE YOUR MONEY

      RightCapital has read-only access to your financial accounts through Yodlee. No one (not even you) can move any money in, out or between your accounts via RightCapital.

      Learn more about RightCapital's security standards here.