VibeTrader Security
Your security is our top priority. Here's how we protect your data and trading accounts.
Data Protection
- Encryption at Rest - All data is encrypted using AES-256 encryption
- Encryption in Transit - TLS 1.3 for all connections
- Secure Key Storage - Brokerage API keys are encrypted and stored in isolated, secure vaults
- No Password Storage - We use Firebase Authentication; we never see your password
Brokerage Connection Security
- Read-Only by Default - Paper trading uses read-only access where possible
- Alpaca Partnership - We integrate with Alpaca, an SEC-registered, FINRA-member, SIPC-protected brokerage
- No Fund Withdrawals - VibeTrader can only place trades; we cannot withdraw funds from your account
- OAuth Coming Soon - Secure OAuth integration for easier, more secure connections
Infrastructure Security
- Google Cloud Platform - Enterprise-grade cloud infrastructure
- Firebase Security Rules - Granular access controls for all data
- Regular Security Audits - Continuous monitoring and vulnerability scanning
- DDoS Protection - Cloudflare protection against attacks
Your Controls
- Disconnect your brokerage at any time from Settings
- Delete your account and all data upon request
- View all bot activity in real-time
- Set maximum position sizes and daily loss limits
Contact Security Team
Found a security issue? Email us at security@vibetrader.markets