Security
How secure are my credit card details?
We do not store any credit card details on our servers for recurring billing - we leave that up to the professionals.
Payment Express (http://www.paymentexpress.com) are our chosen credit card processor, because of their security and long standing in the online credit card processing industry. Payment Express store all of your credit card details and provide PocketSmith with a secure Billing ID that only we can use to charge your credit card. So as well as all the other security features we list below, none of your credit card number information is ever stored by PocketSmith. Ever. See their privacy policy here.
How secure is PocketSmith?
From the very first page, the complete application has 256-bit SSL encryption. This means that all information that goes between your internet browser and our server (e.g. pages, images etc.) can only be read by the server or your computer. Even if someone else is 'listening in' to the connection, they will not be able to read any of the information that is being transferred - they just get scrambled garbage.
Is it safe to upload my transactions to PocketSmith?
The OFX and CSV features are completely safe, with no personally identifiable information ever read or stored. When you upload your transactions into PocketSmith, the only information that is read and processed is your individual transactions; all other information is discarded from the system.
But what about personal information that I give you in creating my account?
We do not ask you to provide us with anything that may reveal who you are. The only detail that we require is your email address, so that we can verify that you are not a 'robot' creating fake accounts, and so that we can get in touch with you on a periodical basis.
How secure is my password?
Your password is not stored as 'clear-text' in the database. To verify your password, there are two separate encrypted keys that are combined to verify that the entered password is correct. This means that nobody can retrieve your password.
Who in your organization can access the passwords and user IDs that you use to gather my financial information?
Absolutely no one. Once you submit the form to send your credentials, they are first sent to a separate server on a private network, where they are then sent directly to our data providers, Yodlee Inc. At no stage are your details stored by PocketSmith or the PocketSmith Bank Feed service.
Yodlee are experts in financial aggregation technology, and have 12 years' experience behind them in providing financial institutions with interconnectivity technology. You are able to read their full privacy policy here: http://www.yodlee.com/privacy-policy.html, and security policies here: http://www.yodlee.com/security.html, http://www.yodlee.com/consumer-security.html and http://www.yodlee.com/ymc_security.shtml.
- We encrypt everything between your browser and our servers using industry standard 128-bit SSL encryption.
- After it gets to our side, it is protected by multiple layers of firewalls - the number of which I cannot tell you for security reasons, nor the vendors, but we use many and many vendors.
- All sensitive field data is encrypted and stored in our databases encrypted internal to the tables with multiple rotating keys.
- All databases are protected from employee access both physically and logically.
- All databases are encrypted physically, and all drives and tapes are encrypted with different keys.
- No employee can put any content on any unsecure machine (i.e., nothing can be taken from the database and put on a laptop).
- All servers are customized and utilize an ultra locked down version of Linux.
- Multiple layers of intrusion detection systems both software and people running 24×7.
- Automated software auditing of our source code to check for problems in the code.
Are the passwords and user IDs that I enter encrypted?
All communications between ourselves and our data provider (Yodlee) are SSL encrypted during transmission between our solitary Bank Feed server and Yodlee.
Our Bank Feed server that communicates with Yodlee is separate from the primary PocketSmith application server, and is secured from the outside world - it can only communicate with Yodlee and with the PocketSmith application server across the local network.
How are the encryption keys generated? Who can access the encryption keys? Can anyone in your organization access the database storing my user IDs and passwords that access my bank accounts?
No one in our organisation can access the banking usernames and passwords that are entered, nor can we access any encryption keys used in the process that our data providers use to store your credentials.
Billing and Refund Policy
How does the billing work?
Once you sign up for a paid-for PocketSmith account, you will be billed on a monthly basis from the day after the creation of your account. The subscription is paid for in advance.
If I upgrade my account, when will I be charged the additional amount?
If you upgrade from a free account to a paid plan, you will be charged the next day for the proceeding month. If you upgrade your plan from another paid plan, you will be billed for the new plan amount on your next billing date (shown on your Account page).
If I decide to cancel my account or downgrade to the free plan, can I get a refund for the remainder of my billing month?
We do not give refunds for part months used, just as we don't charge for part months when you decide to upgrade :)
We also do not give refunds if you want to cancel your account after creation; however, we do not bill you immediately, so you are able to cancel your account prior to the time shown when you sign up.
International
Can I use all of PocketSmith's features, no matter where I live?
Yes you can! We love that PocketSmith has an international community. As we better understand what our global users need, we will be adding new features to suit. If you're not from a dollar-based country, you can localise PocketSmith in the Accounts area by:
- Changing the currency used by the application. You can do this in the Accounts area.
- Changing the timezone to suit your location.
More importantly, PocketSmith supports OFX (an international standard for financial transactions), and user-specified CSV formats. This means you can upload your bank transactions no matter where you live.
Translations are also underway for PocketSmith - stay tuned for more news on this!
If you encounter difficulties uploading your transactions, please contact us at contact@pocketsmith.com.
Feedback
How can I report a bug or leave feedback?
While using PocketSmith, you can click on the orange "Feedback" tab on the left of the screen to send a message to us. Your comments and suggestions are highly valuable as they keep us informed of what our users want. You can also contact us at contact@pocketsmith.com.