Last updated: July 6, 2026
We never see your bank credentials
Bank and card connections are established through Plaid, the connectivity layer used by many of the largest financial apps. Your bank username and password go directly from your browser to your bank through Plaid — they never touch our servers, and we could not store them if we wanted to. Where your bank supports OAuth, you sign in on the bank's own website and your credentials never leave it at all.
What our servers receive is an access token: a revocable key, scoped to the accounts you approved, that lets us read transactions and nothing else.
Read-only by design
The access we receive through Plaid is read-only transaction and account data. MySubscriptions cannot move money, make payments, or change anything at your bank. This isn't a policy we promise to follow — it's a technical boundary of the access we request.
What data we receive — and what we don't
To detect subscriptions we receive, for each account you connect:
- Account basics: name, type (checking, credit card…), the last few digits, and balance.
- Transactions: date, amount, merchant name, and category.
We never receive or store:
- Your bank username or password.
- Full account or routing numbers — we don't request them.
- The ability to initiate payments or transfers of any kind.
Encryption everywhere
- All traffic uses TLS 1.2 or higher — the app refuses plain HTTP in production.
- Bank connection tokens are encrypted at rest with per-application keys before they ever touch our database.
- Passwords are stored only as modern one-way hashes (bcrypt) — we cannot read them, and neither can anyone else.
Verified webhooks
When Plaid notifies us that new transactions are available, that notification is cryptographically verified before we act on it — a signed JWT whose body hash must match the request, with replay protection so an intercepted message can't be reused. Forged or tampered requests are rejected outright.
Who can see your data
Your subscriptions and transactions are visible to your account and no one else's — every request is checked against the signed-in user before any data is returned. When you request a cancellation, the specialist handling it sees the details needed to process that request: the merchant, the plan cost, and any information you've provided for it — not your unrelated transactions.
You stay in control
- Disconnect any bank at any time — data collection from it stops immediately and our access token is revoked at Plaid.
- Delete your account and we revoke all bank access and permanently purge your data.
- Connections that stop working are automatically revoked after 30 days rather than lingering.
Found a vulnerability?
We appreciate responsible disclosure. Email security@mysubscriptions.com and we'll respond quickly. Please don't access data that isn't yours or degrade the service while testing.
Want the full picture of what happens after you connect? Read how MySubscriptions works, start to finish.