Security & Data Protection
Security & Data Protection
Built on Google Cloud Platform with SOC 2 certified infrastructure
Our Security Commitment
At Second Difference Solutions, we understand that your financial data is the lifeblood of your business. We’ve built our applications from the ground up with security as a core principle, not an afterthought.
Our security architecture is designed to protect your data at every stage: during transmission, at rest, and throughout processing. We employ industry-standard encryption protocols, secure authentication mechanisms, and strict access controls to ensure your information remains private and protected.
Authentication & Access Control
OAuth 2.0 Authentication
Industry-standard authentication protocol used by major financial institutions. Your credentials are never stored on our servers.
Read-Only Access
Our applications only retrieve data for analysis. We never modify, delete, or create transactions in your accounting system.
Session Management
Automatic session timeout and secure token handling protect against unauthorized access to your account.
Data Encryption
In Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3, the latest Transport Layer Security protocol. This ensures that your financial information cannot be intercepted or read by third parties during transmission.
At Rest
Sensitive data stored in our systems is encrypted using AES-256 encryption, the same standard used by government agencies and financial institutions worldwide. Even in the unlikely event of a data breach, encrypted data remains unreadable without the encryption keys.
Token Security
OAuth credentials and access tokens are encrypted with additional layers of protection and are automatically rotated to minimize exposure risk.
Infrastructure Security
Cloud-Native Architecture
Built on Google Cloud Platform infrastructure with SOC 2 certified security, redundancy, and compliance certifications. All data is processed and stored in the us-central1 region (United States). No data is stored outside the United States.
Network Protection
Firewalls, intrusion detection systems, and DDoS protection safeguard our infrastructure from external threats.
Secure Development
Our development practices follow OWASP guidelines, with input validation, parameterized queries, and security code reviews.
Access Logging
Comprehensive audit logs track all access to your data, providing transparency and supporting compliance requirements. Financial data in our Firestore database is isolated at the user ID and company ID level at the database layer -- no user can access another user's data even if authenticated.
Incident Response
In the event of a confirmed data breach affecting your personal information, we will notify affected users within 72 hours of becoming aware of the incident. Notification will describe the nature of the breach, data categories affected, and remediation steps taken. Our incident response procedures include immediate containment, root cause analysis, regulatory notification where required, and post-incident review.
Data Residency
All data collected and processed by Second Difference Solutions, LLC is stored in the United States. Specifically:
- Cloud infrastructure: Google Cloud Platform, us-central1 region (Council Bluffs, Iowa, United States)
- Database: Google Cloud Firestore, us-central1 region
- Compute: Cloud Run, us-central1 region
- Data isolation: Each user's financial data is stored in a separate Firestore document path keyed to their user ID and company ID. Database-level rules enforce that no user can read or write another user's documents.
If you are an EEA, UK, or Swiss resident and have questions about cross-border data transfers, see our Privacy Policy or contact info@2diff.io.
Third-Party Integrations
QuickBooks Integration
Our BizAnalyzer application integrates with QuickBooks® using Intuit’s official OAuth 2.0 API. This means:
- You authorize the connection directly through Intuit’s secure authorization flow
- We receive only the data you authorize based on the scopes you approve
- Tokens are short-lived and automatically refreshed when needed
- You can revoke access at any time through your Intuit account settings
Payment Processing
Payment information is processed through Stripe, a PCI-DSS Level 1 certified payment processor. We never see or store your full credit card number.
What We Don’t Do
We believe transparency about our limitations is just as important as highlighting our capabilities:
- We never sell your data to third parties
- We never share your financial information with advertisers or marketing companies
- We never use your data to train AI models – financial data sent to AI providers (OpenAI, Anthropic, Google) is processed for your query and discarded
- We never store credit card numbers on our servers
- We never make changes to your accounting records
Compliance & Standards
SOC 2 Infrastructure
Our cloud infrastructure provider maintains SOC 2 Type II compliance for security, availability, and confidentiality.
PCI-DSS Payments
Payment processing through Stripe meets the highest level of PCI-DSS compliance for cardholder data protection.
HTTPS Everywhere
All connections to our services require HTTPS. We never transmit data over unencrypted connections.
Regular Audits
We conduct regular security assessments and vulnerability scanning to identify and address potential risks.
Your Rights & Control
You maintain full control over your data:
- Disconnect anytime: Revoke our access to your accounts with a single click
- Data deletion: Request complete deletion of your data from our systems
- Data export: Download your analysis reports and data at any time
- Transparency: View exactly what data we access and how it’s used
Questions?
For security inquiries or to report a potential vulnerability, please contact us at info@2diff.io.
See It In Action
Try BizAnalyzer with sample data and see our security approach firsthand. No account or QuickBooks connection required.
All information and analysis provided on this site is for informational purposes only and does not constitute financial, accounting, or tax advice. QuickBooks® is a registered trademark of Intuit Inc. Second Difference Solutions, LLC is an independent software provider and is not affiliated with, endorsed by, or sponsored by Intuit Inc.