Luminy connection security
This article explains what actually happens when you link a financial institution to Luminy, and why your bank credentials stay between you and your bank.
How linking works
When you connect an institution, you sign in with your provider or an authorized data partner - subject to their terms and your consent. Luminy uses Plaid, a data network trusted by thousands of financial apps, to handle that sign-in securely.
- You pick your institution in Luminy.
- You sign in on a secure screen operated by the data partner - not by Luminy.
- The partner passes Luminy an encrypted access token, never your credentials.
- Luminy uses that token to fetch only the data needed to show your balances, transactions, and insights.
What Luminy never sees
- Your bank username and password - they go to your institution, not to us.
- Anything beyond the data needed for the app - we only access what powers your dashboard and insights.
Access is always revocable
- Disconnect any account in the app and it stops syncing immediately.
- Connections are read-only - Luminy never holds your money or executes trades.
- Some institutions also let you review and revoke connected-app access from their own website or app.
