Portfolio mobile contains trade history, current holdings and other financial information that may be deemed sensitive. As such, we have taken measures to protect you and your information. The following sections describe what information may be optionally stored on our site and how data is communicated between our apps and server(s).
Portfolio mobile will never request personal information that may identify you or your accounts. Please disregard any emails from our site that request sensitive information or ask you to verify your identify.
By signing up for an account at portfoliomobile.com you get access to additional features including: data backup, migration of data between devices, web-based access and editing of data, shared feature subscriptions and more.
Unless you choose to use these services, all data will be stored on your local device only.
If you choose to use these services, your data will be stored on our server(s) with your online user account. Your data is only accessible to employees and consultants of Portfolio mobile and will only be accessed with your prior consent, and only for the purposes of assisting you with application setup, debugging, and other use issues that may arise. Please keep your username and password in a safe location, as it can be used to access and edit any information stored in your online account.
Portfolio mobile uses Secure Socket Layer (SSL) encryption to protect transmitted data. This includes syncing to and from our backup servers, accessing your data in our free web portal at portfoliomobile.com and all communication with brokers. Connections to sites such as Google, Yahoo and various other data providers are insecure as that data is benign and these services typically do not offer secure connection options.
We have taken steps to reduce the severity, should data stored on your device, and optionally on our server(s), be compromised. Your database file(s) contain a variety of position data, including portfolios, holdings and trade activity. For the most part, this data is of no consequence to an outside party, as the accuracy of such holdings can be neither verified nor associated with any party. The use of automatic broker syncing using Open Financial eXchange (OFX) will increase the severity of any data compromise. When using the broker sync feature, your account numbers are stored alongside your portfolio data. In the event that your data is compromised, an attacker would have access to account number(s) and institution(s), as well as specific information about your holdings. Passwords are never stored with your data; they are maintained in a secure, encrypted Keychain on your device and never synced with our servers or other devices. Separation of these vital pieces of information is critical to maintain data security. Without your password, an attacker would need significant personal information to compromise your accounts (eg. social security number, address, family history). If your financial institution does not require a significant level of identifying information to access your account, we cannot recommend using the broker sync feature.
Portfolio mobile stores sensitive financial information on your device(s) and, optionally, on our server(s). To mitigate any potential loss from lost or compromised devices we suggest that you use the optional password protection feature found in the settings or preferences areas of our apps.