Bank Connection Security
How Kantivo securely connects to your bank using Teller, and where your credentials are stored.
Kantivo does NOT store your bank login credentials. Your bank username and password are entered directly into Teller's secure widget and never touch our application.
How Bank Connection Works
Kantivo uses Teller, a secure bank connectivity provider (similar to Plaid), to connect to your bank. Here's the process:
1. You Click "Connect Bank": A secure popup window opens from Teller (not Kantivo). This is Teller's official widget running on their servers.
2. You Enter Your Bank Credentials: You log into your bank directly through Teller's secure widget. Your username and password go straight to Teller, encrypted, and are never seen or stored by Kantivo.
3. Teller Returns an Access Token: After successful login, Teller gives Kantivo a special "access token" - a secure key that allows us to fetch your transactions. This token cannot be used to log into your bank or make transfers.
4. Transactions Sync Automatically: Using this token, Kantivo can securely fetch your transaction history for import into your accounting records.
Where Is Data Stored?
| Data Type | Where It's Stored | Security |
|---|---|---|
| Bank Username & Password | NEVER stored by Kantivo. You enter these directly into Teller's secure widget. We never see them. | Not Applicable |
| Teller Access Token | Stored in our secure cloud database (Admin Panel) - encrypted before storage. | AES-256-GCM Encrypted |
| Bank Name & Account Names | Stored locally on your computer (for display purposes only). | Non-sensitive metadata |
| Transaction History | Stored locally in your Kantivo database after you import. | Your local database |
Security Measures
- 🔐 Bank Credentials Never Touch Kantivo: Your bank username and password are entered directly into Teller's secure, PCI-compliant widget. Kantivo never sees, transmits, or stores these credentials.
- 🔒 Access Tokens Are Encrypted: The access token we receive from Teller is encrypted using AES-256-GCM encryption before being stored. Even if our database were compromised, the tokens would be unreadable.
- 🚫 Tokens Cannot Access Your Bank Directly: The access token can only be used through Teller's API to fetch transactions. It cannot be used to log into your bank, make transfers, or perform any actions on your account.
- 📜 mTLS Certificate Authentication: In production, all communication with Teller uses mutual TLS (mTLS) certificates, providing an additional layer of authentication and encryption.
- 🔄 You Control the Connection: You can disconnect your bank at any time from within Kantivo. When disconnected, the access token is invalidated and can no longer be used.
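What encrypting an access token with AES-256-GCM before storage involves, shown as an added example with Node.js's built-in `crypto` module; this is not Kantivo's code. The function names, the stored layout (`iv || tag || ciphertext`) and the record identifier used as associated data are assumptions, and the key is assumed to be held outside the database, since a key stored beside the ciphertext would not keep a compromised database unreadable.

```javascript
const crypto = require('node:crypto');

const IV_LEN = 12;   // 96-bit nonce, the size GCM is designed around
const TAG_LEN = 16;  // 128-bit authentication tag

// Encrypts `token` under a 32-byte key. `recordId` (hypothetical row identifier)
// is bound in as associated data so a blob copied to another row fails to decrypt.
function sealToken(key, token, recordId) {
  if (!Buffer.isBuffer(key) || key.length !== 32) throw new Error('key must be 32 bytes');
  const iv = crypto.randomBytes(IV_LEN);           // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const ct = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()]);
  // Stored layout: iv || tag || ciphertext, base64-encoded for a text column
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

function openToken(key, blob, recordId) {
  const raw = Buffer.from(blob, 'base64');
  if (raw.length < IV_LEN + TAG_LEN) throw new Error('blob too short');
  const iv = raw.subarray(0, IV_LEN);
  const tag = raw.subarray(IV_LEN, IV_LEN + TAG_LEN);
  const ct = raw.subarray(IV_LEN + TAG_LEN);
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_LEN });
  decipher.setAAD(Buffer.from(recordId, 'utf8'));
  decipher.setAuthTag(tag);
  // final() throws if the ciphertext, tag, key or recordId does not match
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Returns true when openToken refuses the blob
function rejects(key, blob, recordId) {
  try { openToken(key, blob, recordId); return false; } catch { return true; }
}

function demo() {
  const key = crypto.randomBytes(32);           // constructed key for the demonstration
  const token = 'token_constructed_example';    // constructed value, not a real token
  const blob = sealToken(key, token, 'user-42');
  const flipped = Buffer.from(blob, 'base64');
  flipped[flipped.length - 1] ^= 0x01;          // simulate a modified database row
  return {
    roundTrip: openToken(key, blob, 'user-42') === token,
    tamperRejected: rejects(key, flipped.toString('base64'), 'user-42'),
    wrongRowRejected: rejects(key, blob, 'user-99'),
    wrongKeyRejected: rejects(crypto.randomBytes(32), blob, 'user-42'),
  };
}
console.log(demo());
```

GCM authenticates as well as encrypts, so a stored value that has been altered, moved to another record, or opened with the wrong key is rejected rather than decrypted to garbage.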
Frequently Asked Questions
If you have additional security questions about bank connectivity, please contact us at support@kantivo.app