Account security
      Back to home
      1. Help Centre
      2. Account security

      Is the mobile app really secured?

      Yes, VeraCash takes every precaution to ensure that your account management tool is secure and respects your personal data.

      Some websites can analyse mobile app for you to find out how they collect and/or use your data.

      The higher the number of permissions/trackers, the more questions the user may have about the mobile app's intentions.

      For transparency purposes, and in accordance with our Privacy Policy, we would like to explain what data VeraCash collects in the course of developing and managing its app.

      The permissions you grant us 

      • Biometrics: if you use biometrics on your phone, it will enable the VeraCash app to guarantee you the highest level of security when logging in and confirming your sensitive operations. If you have turned it off or do not wish to use it, you will need to define a security code that will be required each time you confirm a sensitive operation* ;
      • The camera: this is required when you sign up in order to verify your identity. This access can be deactivated in your phone settings, once your account has been validated;
      • External storage: this is subject to your consent and enables you to access your files quickly when submitting proof of identity as part of your registration;
      • Access to your contacts: this is subject to your consent and allows you to send VRC to the contacts on your phone.

      External authorisations (known as "trackers")

      • Batch: this tool allows us to send you notifications to confirm certain information or to bring information to your attention;
      • Crashlytics: this tool allows us to receive alerts when the mobile app stops working when you use it. These alerts are analysed and corrected in the next version of the app;
      • Firebase Analytics: this tool enables us to analyse the screens visited and therefore the friction encountered by our users so that we can improve the user experience.

      Ensuring the security of the app

      • API key: this is a private key used to communicate with the services we provide;
      • HTTPS protocol: this is a protocol that secures communications between our IT server and the mobile app by encrypting all data transmitted;
      • User token: we authenticate requests in the form of a user token;
      • Certificate pining: we implemented this to be sure that it really is the mobile app exchanging data with our server. This enables us to avoid man-in-the-middle attacks;
      • Cloudflare: this is a very powerful firewall that adds an extra layer of security;
      • Bug bounty: we provide 'ethical hackers' with computing environments identical to the 'production' environments used by our customers. These hackers regularly attack our system on these dedicated IT environments in order to detect potential vulnerabilities and correct them.

      How do I download the app?

      The VeraCash mobile app is available both on Google Play Store and App Store. To download it, click on the link that applies to you :

      Download on the App StoreGet it on Google Play

       

      *Starting from June 2024.