We understand how important your financial data is, so we’re focussed on ensuring the highest level security and privacy.
We strive to make account-linking as fast and frictionless as possible, but the security of your money and data are our highest priority.
When you connect your financial accounts with Stitch, we require you to enter a one-time PIN (OTP) or to authenticate the connection and/or payment in your mobile banking app.
Each bank login through Stitch is assigned a unique encryption key which gets stored inside a Microsoft Azure Keyvault, using OpenIDConnect 4.0.
These keys never leave this vault and no users, clients or anyone at Stitch have direct access to them.
We conduct regular penetration tests using external, CREST-certified vendors. to ensure that our systems follow the strongest security practices available and that they’re protected against attackers.