How Safe is the Empower (formerly Personal Capital) Website?
Do you have an Empower (Personal Capital) account or are you considering using their free money and investing tools? Before synching up with Empower or any financial website, you are wise to investigate the safety of the platform. This article will demonstrate why Empower is safe – as safe as any bank-type app.
[toc]
*Disclosure: Please note that this article may contain affiliate links which means that – at zero cost to you – I might earn a commission if you sign up or buy through the affiliate link.
When I first heard about Empower (Personal Capital), I was dazzled by how using it would make managing my money much easier, but I worried about whether Personal Capital is safe to link accounts to.
In fact, I belong to a generation that went to the bank when we wanted to open an account and wrote a check when we didn’t want to use hard cold cash. The Empower software or any type of online money management tools weren’t available.
Asking myself whether Empower safe to use was more about the regular and disturbing reports of cybersecurity attacks. For instance, only in August 2019 over 114 million records, from small businesses to British Airways e-ticketing, were breached. What I find even more disturbing is that in cybersecurity, this counts as a ‘quiet month’.
You and I are right to question if Empower is a safe site to use – after all, we don’t want to risk our nest egg.
My research has found that Empower has cybersecurity provisions that are as safe, often safer, than those of many banks.
This security review will answer your questions regarding the safety of the Empower site and help decide if it is safe to use for yourself.
This Empower security review includes a small bonus for you. Because your safety online is a combination of the safety of the platforms and the measures people take to make it harder for hackers, we have included a list of cybersecurity rules you must observe.
Is Empower Safe to use?
Empower is a wealth management powerhouse that brings all your financial accounts together, offers an overview of your net worth, and provides ideas about how to allocate your money and investments for the best long-term outcomes. The company also offers wealth management services for those with $100,000 or more.
It is a robust financial and wealth management tool. To use it to advantage, you must provide information about and the credentials for your financial accounts.
And here is the problem: you are entirely justified to ask if Empower is safe to use given the nature of information you are asked to provide.
Below, we frame the key internet security concerns regarding Empower as six questions.
Empower Tutorial – Free Investment and Financial Management Tools
1. Is my data safe with Empower?
There are two things you must understand before we go any further.
First, the matter of data security is key when deciding how safe is Empower because the information you provide includes details of your financial accounts and the credentials to access them. Now, this is serious stuff!
Second, you must understand how the Empower security system is organized and where the passwords and other credentials for your accounts are stored.
Let’s talk about how Empower deals with data first.
Empower uses very strong encryption. I could talk here about military-grade AES-256 and multi-layered key management. Since this makes little sense to me, I won’t. It suffices that the Empower website’s encryption is rated A+ by the Qualys SSL Labs (a stronger rating than most major banks and brokerages).
Empower also operates very strict internal access controls; e.g., no one at the company has access to your credentials. In other words, no one at Personal Capital can access your passwords.
Now, let’s turn to the question about the storage of your account passwords and credentials.
Bonus: Best Robo Advisor Guide
Does Empower store your passwords?
We all know that there is no such thing as a 100% secure website. For that matter, there is no such thing as a 100% secure house alarm – when professionals get to work, security systems fall.
What is the way to increase the level of cybersecurity (and, respectively, make your data safer)?
You not only encrypt data; you keep it in different places.
Here it means that your passwords and credentials are not kept in the Empower databases at all; they are on Yodlee, a third-party data aggregation service. And Yodlee is reputedly the biggest and most respected name in the data aggregation industry. Here is how it works:
- You give your credentials to Yodlee;
- Yodlee sends only data to Empower and interacts with banks; and
- You interact with Empower.
I’d say, given the level of encryption and the fact that Empower doesn’t store your credentials, your data is safe.
Sign up for the best deal in investment and financial management tracking including retirement planning calculator from the well regarded Peresonal Capital. The price for these valuable tools is free.
2. Is the connection to Empower safe?
We already know that your data is safe with Empower when already there.
Here the question is whether your data is safe on the way there and what is the probability of someone peeping in transit.
Empower uses technology that encrypts all your interactions with them, and deciphering the communication between you and their servers is not a trivial task. Again, the company uses very secure protocols. (Remember the A+ security rating, I mentioned above? It applies here as well.)
Furthermore, Empower requires two-stage authentication. If you log in from a new device, they will ask you to confirm that this is you via phone or e-mail.
3. How easy is it to breach the Empower website?
Difficult. (This is a guess, and I’m far from being a seasoned hacker, but it is an educated guess nevertheless.)
Still, there have been several high profile data breaches, including the credit card data breach at Capital One.
So, is it easy to breach the Empower website?
No, it is hard.
Is it possible?
Yes, it is. However, the probability of this happening is small.
4. How does Empower protect me against fraud?
Now that I’ve answered your concerns regarding the safety of your financial data and the website let’s turn to the matter of fraud.
Money crime has changed. Until recently, it was about people snatching your cash; today, a lot of it is about people fraudulently using your bank accounts and credit cards to shop for…well, anything.
Empower can help you detect fraudulent spending on your linked accounts. There are two ways to do that:
- You can use the Empower transactions page to check the activity on all your linked accounts; and
- You can opt-in the Daily Transaction Monitor and receive by e-mail a daily list of new transactions on all your linked accounts.
Find out: Do Any Robo-Advisors Focus on Downside Risk Protection?
5. Can hackers steal my money if my Empower account is compromised?
Let’s assume the worst: there has been a breach of your Empower account. Question is if the hackers can steal all your money?
No, they can’t, and there are two reasons for that:
One, the Empower application is designed to make it impossible to move money in, out, or between accounts from the dashboard. You can’t do it, and the hackers can’t do it either.
And two, your credentials are never sent to your browser. They are stored at Yodlee, remember?
In brief, even if your Empower account is compromised, and this is a big if, your money is safe.
And, the Empower App is safe as well!
6. Can Yodlee security be breached, and what happens next?
Yodlee maintains bank-level security, meaning they use military-grade encryption (256-bit), guarded facilities, no human access to unencrypted data and random security audits. Furthermore, Yodlee accepts banking industry regulatory oversight; this includes regular inspections by the authorities and specific regulation.
“Envestnet Yodlee’s security controls are indeed ‘bank-grade’ and are regularly assessed by regulators, industry-standard bodies, and our financial institution clients. Additionally, a key control for us is the encryption of consumers’ credentials. Credentials are encrypted when at rest, when in motion and usually both.”
Brian Costello, Vice President, Data Strategy & Strategic Solutions at Evestnet/Yodlee
Still, bad things could happen, right? What if someone hacks Yodlee security?
Experts agree that given the number of wealth management platforms using Yodlee, while the probability of a hack is small its consequences would be very serious.
It is not as clear whether you are due compensation if funds are stolen from your bank account as a result of a security breach at Yodlee.
I want to remind you now that the probability of Yodlee security hack is very small.
Bonus: Empower Retirement Planner for Women
What can you do to reduce the risk of my Empower account being compromised?
Here are seven tips to stay safe online, including when using Empower or another online platform.
1. Use strong passwords
2. Never use the same password on different accounts
3. Install the latest updates
4. Use two-factor authentication where possible
5. Use a password manager
6. Secure phones and tablets with a screen lock
7. Back up your data.
Empower FREE Portfolio Review
If you sign up for the free Empower investment management tools, and your aggregate linked accounts are worth more than $100,000, you’re eligible for a free portfolio review, by a financial planner.
Click on the button below, sign up and get your investment portfolio reviewed by a Certified Financial Planner (no strings attached):
Just sign up with the link, connect your accounts and wait for a call from the Empower representative!
How safe is Empower website? Wrap up
When I started this security review, my mind was heavy with the question is Empower safe to use.
Our research convinced us that Empower is a company that tackles issues around cybersecurity with competence, care, and continuous improvement. They use the latest encryption technology, have robust access protocols and don’t allow your bank accounts credentials anywhere near a web browser.
Using Empower is safe enough and safer than many websites we use daily.
What I’ve also learned is that my money is safe even if my Empower account gets breached. Hackers can see how much money I have and where it is stored, but they can’t move it around or get to my passwords and credentials.
This is safe enough for me. How about you?
Visit Empower to sign up for free investment and money management tools.
FAQ
Is Empower safe to link accounts?
Even in the unlikely event that your Empower account was compromised, the app is designed to ensure your security. Your credentials are not sent to your browser. After linking accounts, your credentials are stored at Yodley and only send directly to your financial institution.
Is Empower legit?
I (Barbara Friedberg’ RoboAdvisorPros owner) have visited the Empower headquarters, talked with corporate employees and use the Personal Capital free investment and cash management tools. The platform is a reliable company for investment and money management and planning.
Does Empower sell your information?
No. Empower doesn’t not rent, sell, or trade your personal information.
Can Empower be hacked?
No one can access your login data from the Empower website or app. As mentioned, your login credentials are stored with Yodlee and the data centers operate under the highest financial and international security standards.
For FREE money and investment management tools, click the sign up button below.
Related
- Empower Review
- Empower vs Betterment
- Empower vs Mint vs Quicken
- Empower Cash Review
- Empower vs Wealthfront
Disclosure: Please note that this article may contain affiliate links which means that – at zero cost to you – I might earn a commission if you sign up or buy through the affiliate link. That said, I never recommend anything I don’t believe is valuable.
Empower compensates Stocktrades Ltd for new leads. Stocktrades Ltd is not an investment client of Empower.
