Security and controls
InvestCam is being designed with regulated fintech controls before public launch, with plain-language safeguards users can understand.
- What we protect: client identity, watchlists, research notes, statement requests, sandbox order intents, and future partner handoffs.
- How login is protected: Auth0 customer authentication is planned with passkeys and device biometrics where supported.
- How admin access is controlled: Cloudflare Access protects the admin console, with audit logs for sensitive user and admin actions.
- How unauthorized transactions are prevented: live deposits, FX, trading, crypto custody, staking, withdrawals, and order execution are disabled during beta.
- What happens before live launch: reconciliation, support workflows, partner contracts, security review, and regulatory gates must be completed.