Security
Last updated: April 27, 2026
Security Practices
Beckett protects user data with TLS in transit, encrypted credential storage, database-level access controls, signed authentication tokens, rate limits on sensitive endpoints, and audit logging for security-sensitive operations.
Connected-service credentials are encrypted before storage. Beckett does not store bank login credentials; financial account connections, when available, are handled through Plaid.
Reporting a Vulnerability
If you believe you have found a security vulnerability in Beckett, email [email protected]. Include a concise description, affected URLs or accounts, reproduction steps, and any relevant logs or screenshots.
Please do not access, modify, delete, or disclose another person's data. Do not run automated testing that degrades Beckett availability. We will acknowledge credible reports as quickly as practical and keep reporters updated during triage.
Incident Response
Security incidents are triaged by severity, contained by disabling affected access paths or credentials, investigated using application and infrastructure logs, and remediated with code, configuration, or access-control changes.
If an incident materially affects user data, Beckett will notify affected users and regulators where required by applicable law.