Data Security

Cheetah Finances for iPad implements a number of measures to protect financial data. Properly implemented encryption is used as a primary measure of protecting stored financial information from prying eyes.

Also, Data Safekeeping works together with security features to keep personal financial data protected at all times.

Data Protection is setup before any data can be entered

As part of the initial setup, Cheetah Finances for iPad requires creating a strong password and a passphrase.

Password is used to login, passphrase—to change or reset the password. Passphrase is also used to export and restore data vault backups.

Strong password and passphrase policy

When password and passphrase is created first time and changed afterwards, Cheetah Finances for iPad ensures that password and passphrase are strong enough to provide good protection agains dictionary and brute force attacks. Passphrase has higher security requirements than the password.

Data at rest is always encrypted

All financial data at rest (stored on iPad disk) is always encrypted, at any point in time. All data vault backups are always encrypted. All data exported outside of the app are always encrypted. Cheetah Finances for iPad never writes any clear text (unencrypted) data to disk. During session, every time data is changed, after a few seconds, it is automatically encrypted before saving to disk.

Password is required to access stored data

Password established during initial setup is required to access data. Once logged in, a new session is started where all stored data are unencrypted and loaded into memory.

Privacy Overlay minimizes financial data leaks

A specially designed Privacy Overlay covers currently open screen every time the app goes into background. Privacy Overlay is automatically removed when the app is restored. This prevents iOS from taking a screenshot of currently displayed financial data and writing it to disk as an unencrypted image file.

Session is tracked for inactivity

If Cheetah Finances for iPad goes into background and stays there for 30 min or more, current session is automatically expired. To continue working with data, a new session needs to be started.

Logging out removes data from memory

On logout or session expiration, Cheetah Finances for iPad automatically saves any unsaved data (encrypting before it is written to disk) and removes all data from memory. When new session is started, all data are unencrypted and loaded again.

Password and passphrase are not stored on the device

Cheetah Finances for iPad does not store password nor passphrase. Both password and passphrase are never written to disk, and never transmitted anywhere outside of the app.

Password and passphrase are not stored in memory

Once Cheetah Finances for iPad derives cryptographically strong key from the password or passphrase, the original clear text data are erased from the memory in a secure fashion.

Password and passphrase can be changed as needed

Cheetah Finances for iPad allows to change password or a passphrase at any time. In order to change the password, passphrase is required.

NOTE: Passphrase must be kept safe at all times. If password is forgotten but passphrase is known, the password can be reset. If passphrase is forgotten, there is no way to recover it.

Loosing both password and passphrase will cause complete data loss; neither can be changed nor recovered.