Security

World-class security is the foundation of your Family Operating System®

Your information is protected for all of life's important moments

Security

World-class security is the foundation of your Family Operating System®

Your information is protected for all of life's important moments

Security

World-class security is the foundation of your Family Operating System®

Your information is protected for all of life's important moments

Step up your information security with The Family Operating System®

The Family Operating System® is designed to shield families and their advisors from breaches, identity theft, and other security threats. Protect important information with a platform that takes security and privacy seriously and complies with the most stringent industry standards for data confidentiality, integrity, and availability.

Step up your information security with The Family Operating System®

The Family Operating System® is designed to shield families and their advisors from breaches, identity theft, and other security threats. Protect important information with a platform that takes security and privacy seriously and complies with the most stringent industry standards for data confidentiality, integrity, and availability.

Step up your information security with The Family Operating System®

The Family Operating System® is designed to shield families and their advisors from breaches, identity theft, and other security threats. Protect important information with a platform that takes security and privacy seriously and complies with the most stringent industry standards for data confidentiality, integrity, and availability.

Our Security & Privacy Tenents

Protected

Your information is secure and protected at all times. Adopting Trustworthy is a meaningful step up in family information security because we employ leading edge security measures like robust password recipes, two-factor authentication including hardware keys and , AES 256 bit encryption.

Protected

Your information is secure and protected at all times. Adopting Trustworthy is a meaningful step up in family information security because we employ leading edge security measures like robust password recipes, two-factor authentication including hardware keys and, AES 256 bit encryption.

Private

We’ll never share or sell your information. You and your information are not our business model. We do everything in our power to keep your information protected and secure.

Private

We’ll never share or sell your information. You and your information are not our business model. We do everything in our power to keep your information protected and secure.

Yours

You are the sole arbiter of your information and you alone decide whom to share it with and how you want to use it or benefit from it.

Yours

You are the sole arbiter of your information and you alone decide whom to share it with and how you want to use it or benefit from it.

Here's how we protect family information.

Username & Password

Trustworthy requires an email address and password for you to create a member account. An email address is unique to each member and our password recipe requires a minimum of 8 characters with numbers, symbols and upper and lower case characters. These requirements make passwords almost impossible to hack.

Username & Password

Trustworthy requires an email address and password for you to create a member account. An email address is unique to each member and our password recipe requires a minimum of 8 characters with numbers, symbols and upper and lower case characters. These requirements make passwords almost impossible to hack.

Username & Password

Trustworthy requires an email address and password for you to create a member account. An email address is unique to each member and our password recipe requires a minimum of 8 characters with numbers, symbols and upper and lower case characters. These requirements make passwords almost impossible to hack.

Two-factor Authentication for Trustworthy

Trustworthy requires two-factor authentication as a default — not an option — to verify a member’s identity. It’s an extra layer of security for Trustworthy accounts designed to ensure that members are the only people who can access their account, even if someone else knows their password. With two-factor authentication, only members can access their account on a trusted device or the web. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information, your password and a one-time, random, six-digit verification code that's automatically sent to your phone. By entering the code, you're verifying that you trust the new device. Multiple layers of security — a password and two-factor authentication — dramatically improves the security of your Family Operating System™ and aids in protecting you from phishing attacks.

Two-factor Authentication for Trustworthy

Trustworthy requires two-factor authentication as a default — not an option — to verify a member’s identity. It’s an extra layer of security for Trustworthy accounts designed to ensure that members are the only people who can access their account, even if someone else knows their password. With two-factor authentication, only members can access their account on a trusted device or the web. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information, your password and a one-time, random, six-digit verification code that's automatically sent to your phone. By entering the code, you're verifying that you trust the new device. Multiple layers of security — a password and two-factor authentication — dramatically improves the security of your Family Operating System™ and aids in protecting you from phishing attacks.

Two-factor Authentication for Trustworthy

Trustworthy requires two-factor authentication as a default — not an option — to verify a member’s identity. It’s an extra layer of security for Trustworthy accounts designed to ensure that members are the only people who can access their account, even if someone else knows their password. With two-factor authentication, only members can access their account on a trusted device or the web. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information, your password and a one-time, random, six-digit verification code that's automatically sent to your phone. By entering the code, you're verifying that you trust the new device. Multiple layers of security — a password and two-factor authentication — dramatically improves the security of your Family Operating System™ and aids in protecting you from phishing attacks.

Two-factor Authentication for Trustworthy

Trustworthy requires two-factor authentication as a default — not an option — to verify a member’s identity. It’s an extra layer of security for Trustworthy accounts designed to ensure that members are the only people who can access their account, even if someone else knows their password. With two-factor authentication, only members can access their account on a trusted device or the web. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information, your password and a one-time, random, six-digit verification code that's automatically sent to your phone. By entering the code, you're verifying that you trust the new device. Multiple layers of security — a password and two-factor authentication — dramatically improves the security of your Family Operating System™ and aids in protecting you from phishing attacks.

Two-factor Authentication for Trustworthy

Trustworthy requires two-factor authentication as a default — not an option — to verify a member’s identity. It’s an extra layer of security for Trustworthy accounts designed to ensure that members are the only people who can access their account, even if someone else knows their password. With two-factor authentication, only members can access their account on a trusted device or the web. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information, your password and a one-time, random, six-digit verification code that's automatically sent to your phone. By entering the code, you're verifying that you trust the new device. Multiple layers of security — a password and two-factor authentication — dramatically improves the security of your Family Operating System™ and aids in protecting you from phishing attacks.

Physical security keys (YubiKeys)

A YubiKey or ubiquitous key, is a piece of security hardware, also known as a security token, that allows users to add a second authentication factor to online services. It looks similar to a USB thumb drive and is physically attached to the device you’re using to authenticate. You must be physically present to authenticate a YubiKey. This means that Yubikeys are one of the best ways to avoid phishing and account takeovers.

Trustworthy is the only family information platform that supports YubiKeys. Email experts@trustworthy.com to find out how to get and program a YubiKey.

Biometric authentication

Trustworthy employs biometric (facial or fingerprint) authentication on our mobile app. This is an additional layer of authentication with added convenience to members quickly access their information.

Biometric authentication

Trustworthy employs biometric (facial or fingerprint) authentication on our mobile app. This is an additional layer of authentication with added convenience to members quickly access their information.

Biometric authentication

Trustworthy employs biometric (facial or fingerprint) authentication on our mobile app. This is an additional layer of authentication with added convenience to members quickly access their information.

Data Encryption

Trustworthy data is encrypted in transit and at rest in order to provide the highest level of data security. This means that member data is protected with a key derived from information unique to your account, combined with your device passcode, which only you know. No one else can access or read this data. All of the information you enter into Trustworthy is transmitted and stored online using end-to-end encryption and an AES 256-bit encryption key. Even if someone were to breach Trustworthy and get your data, they would need access to Trustworthy’s encryption keys to be able to decrypt it and read it. Without the 256-bit encryption keys, the information is hashed and unavailable. A hacker would require 2 to the power of 256 different combinations to break a 256-bit encrypted message, which is virtually impossible to be broken by even the fastest computers. For reference, the U.S. government requires that all sensitive and important data be encrypted using 192- or 256-bit encryption methods.

Data Encryption

Trustworthy data is encrypted in transit and at rest in order to provide the highest level of data security. This means that member data is protected with a key derived from information unique to your account, combined with your device passcode, which only you know. No one else can access or read this data. All of the information you enter into Trustworthy is transmitted and stored online using end-to-end encryption and an AES 256-bit encryption key. Even if someone were to breach Trustworthy and get your data, they would need access to Trustworthy’s encryption keys to be able to decrypt it and read it. Without the 256-bit encryption keys, the information is hashed and unavailable. A hacker would require 2 to the power of 256 different combinations to break a 256-bit encrypted message, which is virtually impossible to be broken by even the fastest computers. For reference, the U.S. government requires that all sensitive and important data be encrypted using 192- or 256-bit encryption methods.

Data Encryption

Trustworthy data is encrypted in transit and at rest in order to provide the highest level of data security. This means that member data is protected with a key derived from information unique to your account, combined with your device passcode, which only you know. No one else can access or read this data. All of the information you enter into Trustworthy is transmitted and stored online using end-to-end encryption and an AES 256-bit encryption key. Even if someone were to breach Trustworthy and get your data, they would need access to Trustworthy’s encryption keys to be able to decrypt it and read it. Without the 256-bit encryption keys, the information is hashed and unavailable. A hacker would require 2 to the power of 256 different combinations to break a 256-bit encrypted message, which is virtually impossible to be broken by even the fastest computers. For reference, the U.S. government requires that all sensitive and important data be encrypted using 192- or 256-bit encryption methods.

Redaction

Trustworthy redacts sensitive information - like a driver’s license number - in the Trustworthy user interface to ensure that prying eyes cannot see the information on your device screen.

To aid in protecting your information in public places we also recommend the use of a privacy screen for your devices.

Emergency Contact Identity Verification

When you invite Emergency Contacts to be part of your Family Operating System® we ensure they are who they say they are with a thorough identity verification procedure. We do this up front so that in an emergency they’re not spending valuable time validating themselves to get access to critical information.

Emergency Contact Identity Verification

When you invite Emergency Contacts to be part of your Family Operating System® we ensure they are who they say they are with a thorough identity verification procedure. We do this up front so that in an emergency they’re not spending valuable time validating themselves to get access to critical information.

Emergency Contact Identity Verification

When you invite Emergency Contacts to be part of your Family Operating System® we ensure they are who they say they are with a thorough identity verification procedure. We do this up front so that in an emergency they’re not spending valuable time validating themselves to get access to critical information.

Tokenization/Aliasing

Trustworthy uses a next generation security technique called tokenization (also known as aliasing) to protect member information. Tokenization removes sensitive data from Trustworthy servers and replaces it with a corresponding token keeping the sensitive information protected and separate from the member’s account.

Tokenization/Aliasing

Trustworthy uses a next generation security technique called tokenization (also known as aliasing) to protect member information. Tokenization removes sensitive data from Trustworthy servers and replaces it with a corresponding token keeping the sensitive information protected and separate from the member’s account.

Tokenization/Aliasing

Trustworthy uses a next generation security technique called tokenization (also known as aliasing) to protect member information. Tokenization removes sensitive data from Trustworthy servers and replaces it with a corresponding token keeping the sensitive information protected and separate from the member’s account.

SOC-2 Type 2 Certification

Trustworthy is fully SOC2 Type 2 certified in accordance with the American Institute of CPAs (AICPA) SOC standard.

Compliance with SOC 2 requirements indicates that an organization maintains the highest level of information security. Strict compliance requirements (tested through independent audits) help ensure sensitive information is handled responsibly. Unlike SOC 2, Type 1, which assesses the design of controls at a specific point in time, Type 2 goes further by examining the operating effectiveness of those controls over a minimum of six months. This extended evaluation period is valuable because it allows organizations to demonstrate the consistency and durability of their control environment.

SOC-3 Certification

Trustworthy is fully SOC3 certified in accordance with the American Institute of CPAs (AICPA) SOC standard.

SOC 3 reports are valuable for service organizations as they demonstrate their commitment to maintaining a high level of security and reliability for their clients. SOC 3 helps foster trust, enhance business relationships, and ensure that sensitive data is adequately protected, making it a vital component of today's information security landscape.

To request a copy of the Trustworthy SOC3 report, please email security@trustworthy.com.

HIPAA Compliance

Trustworthy is fully compliant with the standards set forth by the U.S. Department of Health and Human Services (HHS) in The Health Insurance Portability and Accountability Act (HIPAA) to ensure that any member medical information is protected.

HIPAA Compliance

Trustworthy is fully compliant with the standards set forth by the U.S. Department of Health and Human Services (HHS) in The Health Insurance Portability and Accountability Act (HIPAA) to ensure that any member medical information is protected.

HIPAA Compliance

Trustworthy is fully compliant with the standards set forth by the U.S. Department of Health and Human Services (HHS) in The Health Insurance Portability and Accountability Act (HIPAA) to ensure that any member medical information is protected.

Partners

Trustworthy works with a variety of security providers to enhance our own security stack. We only work with providers who achieve the highest levels of security and privacy. Member data may be stored using third-party partners’ servers — such as Amazon Web Services — but these partners don’t have the keys to decrypt member data stored on their servers.

Partners

Trustworthy works with a variety of security providers to enhance our own security stack. We only work with providers who achieve the highest levels of security and privacy. Member data may be stored using third-party partners’ servers — such as Amazon Web Services — but these partners don’t have the keys to decrypt member data stored on their servers.

Partners

Trustworthy works with a variety of security providers to enhance our own security stack. We only work with providers who achieve the highest levels of security and privacy. Member data may be stored using third-party partners’ servers — such as Amazon Web Services — but these partners don’t have the keys to decrypt member data stored on their servers.

Trustworthy Employee Security

Every Trustworthy employee undergo rigorous background and security checks before being hired and twice-annual security and privacy training to ensure they understand our commitment to keeping member information safe. Employee company applications and devices are managed by a third party, which allows our security team to remove access to business applications at will and remotely freeze or wipe devices as needed. Security is built into we do. This isn’t a platitude. It’s a foundational part of our team culture. As we build Trustworthy, customer data is hidden at every step in the process. This way, customer information is never compromised.

Trustworthy Employee Security

Every Trustworthy employee undergo rigorous background and security checks before being hired and twice-annual security and privacy training to ensure they understand our commitment to keeping member information safe. Employee company applications and devices are managed by a third party, which allows our security team to remove access to business applications at will and remotely freeze or wipe devices as needed. Security is built into we do. This isn’t a platitude. It’s a foundational part of our team culture. As we build Trustworthy, customer data is hidden at every step in the process. This way, customer information is never compromised.

Trustworthy Employee Security

Every Trustworthy employee undergo rigorous background and security checks before being hired and twice-annual security and privacy training to ensure they understand our commitment to keeping member information safe. Employee company applications and devices are managed by a third party, which allows our security team to remove access to business applications at will and remotely freeze or wipe devices as needed. Security is built into we do. This isn’t a platitude. It’s a foundational part of our team culture. As we build Trustworthy, customer data is hidden at every step in the process. This way, customer information is never compromised.

Frequently Asked Questions

Frequently Asked Questions

Frequently Asked Questions

Will Trustworthy ever sell my data?

What happens to my family's data if I unsubscribe from Trustworthy?

Can I download my data?

What happens to my data if my subscription lapses?

If I delete my data, is it really deleted?

Can Trustworthy access my account in an emergency?

How does Trustworthy import financial data from banks and other institutions?

Can Trustworthy employees see my data?

Where can I report security issues?