How do we secure your data?
Most apps say they "encrypt sensitive data."
But in fintech, the architecture behind that sentence matters.
At Mozaic, each user gets their own data encryption key.
That key protects sensitive data like bank and brokerage tokens, transaction details, and account names.
Then, each user key is wrapped by a master key stored in Google Cloud KMS, where the master key never leaves KMS.
What this means in practice:
→ A stolen database alone is not enough to decrypt sensitive user data
→ One user's key cannot unlock another user's data
→ A user's key can only be unlocked through an authenticated KMS call
→ Every key-unlock is logged and monitored for unusual activity
→ Access can be revoked centrally without re-encrypting every user's data
It is not just "we use encryption."
It is encryption designed to reduce blast radius.
Trust in fintech is not a tagline.
It is an architecture.
Give a try at: mozaicfinance.com