As heard on Bloomberg

Your data is safe with Mezzi

Bank-level encryption.
Mezzi has zero access to your money.

How Mezzi secures your data

Built on bank-level security you can trust

Bank-level security

All data transmission uses TLS 1.3 encryption protocols. These are the same cryptographic standards required by federal banking regulations and used by major financial institutions worldwide.

No account number storage

Mezzi does not store your bank account numbers, routing numbers, or any account identifiers. We work exclusively with industry-leading platforms like Plaid and Meld, trusted by the leading banks, so we never have to see your account numbers.

How your financial data reaches Mezzi safely

Secure data connections

Financial data aggregation partners

Mezzi uses Plaid and Meld for secure bank connections. These services connect to financial institutions and maintain industry-standard security practices.

OAuth 2.0 token-based authentication

Account connections use OAuth 2.0 protocols. Your login credentials are never transmitted to or stored by Mezzi. Secure tokens allow read-only access to your financial data.

Your credentials remain private

Your bank usernames and passwords are handled exclusively by our certified partners. Mezzi employees cannot access or view your banking credentials under any circumstances.

Is It Safe To Connect Financial Accounts to App?

Rob Berger Interview with Plaid's Global Head of Digital Trust

Regulatory compliance

Legal requirements governing our security practices

SEC compliance requirements

As a registered investment advisor, Mezzi adheres to Securities and Exchange Commission regulations, including security requirements and breach reporting procedures.

Account security controls

Security features available to protect your account

Single sign-on authentication

Account access requires authentication through Apple or Google SSO. This eliminates password-based vulnerabilities and leverages enterprise-grade identity providers.

Account disconnection controls

Disconnect individual financial accounts or delete your entire Mezzi account at any time. Account disconnection immediately removes all associated data from our systems.

Ad-free experience

How our subscription model protects your privacy

We make money through subscriptions

We aren't here to sell your data to a third party, today or ever. Our paid plan allows us to build the best product for you, while keeping all of our data private.

Free apps make money by selling your data to advertisers, meaning you're the product. With Mezzi, you're the customer. We build features you want, not features that help advertisers track you. 

Frequently asked questions

Are my bank login credentials secure with Mezzi?

We never store or see your credentials. We use partners like Plaid, Finicity, and Snaptrade to establish a read-only connection, meaning we cannot move money or alter your accounts.

Will Mezzi ever sell my personal data?

We never sell your data. Sharing is strictly governed by our Privacy Policy.

What Mezzi data is shared with collaborators I invite?

All information (accounts, goals, etc.) is shared by default with your household. We plan to add more granular visibility controls in a future version.

Can I unlink my financial accounts from Mezzi?

Yes. You can disconnect accounts at any time. You can also manually enter your positions and we will track the live prices of your equity assets.

Can I delete my Mezzi account permanently?

Yes. You can cancel and delete your account at any time. After you request an account deletion from Mezzi, your live connections to brokerages are immediately deleted. Your personal details and brokerage data are immediately deleted from our database as well. Some data related to advice or insights we have shown you in the app may be archived in our cold storage, because as a registered investment advisor we have a regulatory obligation to the US government to archive any advice we have given you, and the backing data for that advice, for a period of five years. That data is put in cold storage in encrypted form (not accessible by our servers, app, or analytics), and is only made available to a single party (the US government) if they were to initiate an examination of our business or launch a legal inquiry into our advisory activities. After 5 years, that data is also deleted as the obligation to store and report that data expires.

Security incident reporting

Report security vulnerabilities or suspected account compromise directly to our security team.