worthi

Security and privacy

Security choices for financial records you want to keep private.

worthi is manual-first and protects sensitive finance fields with application-level envelope encryption, per-user data keys, and authenticated encryption metadata.

Authenticated encryption.

Sensitive finance fields are encrypted with AES-256-GCM before ordinary database storage.

Per-user keys.

Each user gets a separate data encryption key, and the database stores only a wrapped version of that key.

Less sensitive storage.

Account names, asset details, holdings, transaction notes, recurring rules, and history labels are protected fields.

What it helps with

A clearer record of your financial picture.

Encryption

Sensitive fields are encrypted before storage.

worthi uses application-level encryption for fields that can reveal personal financial details. That includes names, notes, labels, asset descriptions, and other sensitive finance records.

AES-256-GCM authenticated encryption
Unique initialization vectors for encrypted values
Authenticated data tied to user, model, field, and encryption version

Isolation

Financial records are scoped to the signed-in user.

Server-side access patterns keep user-owned accounts, assets, transactions, holdings, recurring rules, and history tied to the authenticated account.

Private email sign-in
Server-side user scoping for financial records
No exposure of one user's dashboard to another user

Manual-first

Privacy starts by collecting less access.

Because worthi does not require bank-linking credentials, there is less credential exposure from the start. Market and FX lookups use reference symbols and currencies, not bank passwords.

No bank, brokerage, or card passwords required
Market quote lookups use shared symbols
FX sync uses currency references

Questions

Straight answers before you start.

How does worthi protect sensitive finance fields?

worthi uses application-level envelope encryption for sensitive finance fields before ordinary database storage. The current implementation uses AES-256-GCM and per-user data keys.

Does worthi need bank credentials to work?

No. worthi is manual-first, so it does not need bank, brokerage, or card login credentials to build a net worth dashboard.

Are payments stored by worthi?

Payments are processed through Stripe Checkout. worthi does not store card details directly.

What does tamper-aware encryption mean here?

Encrypted values include authenticated metadata tied to the user, record type, field, and encryption version, which helps detect copied or altered ciphertext.
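The envelope scheme and the context binding described above can be sketched as follows. This is an added example, not worthi's code: the function names, the blob layout, the AAD encoding, and wrapping the data key with AES-256-GCM under a locally held key-encryption key are all assumptions.

```javascript
// Added example, not worthi's code. Names, blob layout and AAD encoding are assumptions.
const nodeCrypto = require("node:crypto");

// AES-256-GCM seal/open. Assumed blob layout: iv (12) || tag (16) || ciphertext.
function seal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12); // fresh IV for every encrypted value
  const cipher = nodeCrypto.createCipheriv("aes-256-gcm", key, iv);
  cipher.setAAD(aad);
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]);
}
function open(key, blob, aad) {
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // final() throws on mismatch
}

// AAD is authenticated but not encrypted; JSON array encoding keeps field boundaries unambiguous.
function contextAad({ userId, model, field, version }) {
  return Buffer.from(JSON.stringify([userId, model, field, version]), "utf8");
}

// Envelope layer: a per-user data key (DEK) is stored only wrapped under a key-encryption
// key (KEK). Here the KEK is a local buffer; holding it in a KMS/HSM is the usual design.
function newWrappedDek(kek, userId) {
  return seal(kek, nodeCrypto.randomBytes(32), Buffer.from("dek:" + userId));
}
function unwrapDek(kek, userId, wrapped) {
  return open(kek, wrapped, Buffer.from("dek:" + userId));
}

function encryptField(kek, wrappedDek, ctx, value) {
  const dek = unwrapDek(kek, ctx.userId, wrappedDek);
  return seal(dek, Buffer.from(value, "utf8"), contextAad(ctx));
}
function decryptField(kek, wrappedDek, ctx, blob) {
  const dek = unwrapDek(kek, ctx.userId, wrappedDek);
  return open(dek, blob, contextAad(ctx)).toString("utf8");
}

// True when decryption is refused (wrong context, wrong key, or altered bytes).
function rejects(fn) {
  try { fn(); return false; } catch (e) { return true; }
}
```

A ciphertext written for one user, model, field and version decrypts only under that same context, so a value copied into another column or another user's row fails authentication and is never returned as plaintext.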
