M
Maneh

How we protect your data

Passwordless sign-in

We support passkeys and hardware-backed authentication. There is no reusable password for an attacker to phish or steal.

Your data stays isolated

Each account's financial data lives in its own dedicated store, not pooled together in one shared database.

Encrypted in transit

All traffic is encrypted and HTTPS is strictly enforced, so your session cannot be silently downgraded to an insecure connection.

Bank connections are read-only

When you link an account, you authenticate directly with your institution through a regulated aggregator. We never see or store your banking credentials, and access is read-only — Maneh cannot move your money.

We do not sell your data

Your financial information is used to power your analysis. It is not sold to third parties.

Security is built into how we ship

Code changes are screened for known vulnerabilities as part of our release process, before they reach you.

Found a vulnerability?

We welcome reports from security researchers. For the current contact address and disclosure details, see our security.txt. If you already have a Maneh account, you can also submit a confidential report from the in-app feedback menu. We aim to acknowledge valid reports promptly.

Maneh™ is a personal portfolio management tool, not a bank or broker — we do not hold your money. All analysis is informational only. Terms of use.