Help Center

Getting Started

1. Create Your Account

Sign up with your email address and create a secure password. Your password is used to generate your encryption key, so choose a strong one!

2. Connect Your Bank

Go to the Banks page and click "Connect Bank". We use Plaid to securely connect to your financial institutions with read-only access.

3. Sync Transactions

Once connected, click "Sync" to download your recent transactions. All data is encrypted before being stored.

4. Categorize and Track

Transactions are automatically categorized. You can customize categories and view summaries on your dashboard.

Security & Privacy

Zero-Knowledge Architecture

FiscFlowAI implements a zero-knowledge encryption model, meaning we have zero ability to access your sensitive financial data. Here's how it works:

🔐 What is Zero-Knowledge?

Zero-knowledge means that even if someone gained access to our servers, they would only see encrypted data that is mathematically impossible to decrypt without your password. We never store or have access to your encryption keys.

1
Password-Based Key Derivation

Your password is never sent to our servers. Instead, it's used locally on your device to derive a unique encryption key using PBKDF2 with a random salt. This process happens entirely in your browser or mobile app.

2
Client-Side Encryption

All sensitive data (transaction amounts, merchant names, descriptions, receipt images) is encrypted on your device using AES-256-GCM before transmission. Only encrypted ciphertext reaches our servers.

3
Server-Side Storage

Our servers store only encrypted data and cannot decrypt it. We store authentication hashes separately from encrypted data. Even database administrators cannot view your financial information.

4
Client-Side Decryption

When you log in, your encryption key is derived from your password and stored temporarily in your session. Data is only decrypted in your browser or mobile app when you view it.

What Data is Encrypted?

Transaction amounts
Merchant names
Transaction descriptions
Account numbers
Receipt images
Budget amounts

Note: Non-sensitive metadata like transaction dates, category IDs, and user IDs are not encrypted to enable server-side filtering and analytics.

Technical Implementation

  • Encryption: AES-256-GCM (Galois/Counter Mode)
  • Key Derivation: PBKDF2-HMAC-SHA256 with 100,000 iterations
  • Salt: Random 32-byte salt per user
  • Transport Security: TLS 1.3 for all API communications
  • Authentication: JWT tokens with httpOnly cookies

Bank Connection Security

Bank connections are powered by Plaid, a trusted financial services platform used by major apps like Venmo, Robinhood, and Coinbase.

  • We only request read-only access to your accounts
  • Your bank credentials are never stored by FiscFlowAI
  • Plaid uses bank-level security and is SOC 2 Type II certified
  • You can revoke access at any time through your bank or our app

Important: Password Recovery

Due to our zero-knowledge architecture, we cannot recover your password if you forget it. If you lose your password, you will lose access to your encrypted data and must create a new account. Please store your password securely using a password manager.

Features

Transaction Management

View, filter, and search all your transactions. Update categories or add manual transactions as needed.

Custom Categories

Create custom categories to organize your spending. Assign colors and icons for easy identification.

Period Summaries

View income and expense summaries for different time periods. Track your financial progress over time.

Multiple Bank Connections

Connect multiple bank accounts and credit cards. All your financial data in one place.

Frequently Asked Questions

Is FiscFlowAI free?

We offer a free tier with basic features including manual transaction entry and budget tracking. Premium plans unlock bank syncing, AI financial assistant, advanced analytics, and unlimited transactions. View pricing plans.

What happens if I forget my password?

Due to our zero-knowledge encryption model, we cannot recover your password. If you forget it, you'll need to create a new account. Always store your password securely!

Can I export my data?

Yes! You can export your transactions in CSV format from the Transactions page. Click the "Export" button to download your data. Your exported data will be decrypted for easy use in spreadsheets.

Which banks are supported?

We support over 11,000 financial institutions through Plaid integration, including major banks and credit unions in the US.

Still need help?

Contact our support team at support@fiscflowai.com