Security & Data Protection
Enterprise-grade security for your business data
Our Security Commitment
At Second Difference Solutions, we understand that your financial data is the lifeblood of your business. We’ve built our applications from the ground up with security as a core principle, not an afterthought.
Our security architecture is designed to protect your data at every stage: during transmission, at rest, and throughout processing. We employ industry-standard encryption protocols, secure authentication mechanisms, and strict access controls to ensure your information remains private and protected.
Authentication & Access Control
OAuth 2.0 Authentication
Industry-standard authentication protocol used by major financial institutions. Your credentials are never stored on our servers.
Multi-Factor Authentication
Optional MFA adds an extra layer of protection to your account, requiring verification beyond just your password.
Read-Only Access
Our applications only retrieve data for analysis. We never modify, delete, or create transactions in your accounting system.
Session Management
Automatic session timeout and secure token handling protect against unauthorized access to your account.
Data Encryption
In Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3, the latest version of the Transport Layer Security protocol. This ensures that your financial information cannot be intercepted or read by third parties during transmission.
At Rest
Sensitive data stored in our systems is encrypted using AES-256, the same standard used by government agencies and financial institutions worldwide. Even in the unlikely event of a data breach, encrypted data remains unreadable without the encryption keys.
Token Security
OAuth credentials and access tokens are encrypted with additional layers of protection and are automatically rotated to minimize exposure risk.
Infrastructure Security
Cloud-Native Architecture
Built on Google Cloud Platform infrastructure with enterprise-grade security, redundancy, and compliance certifications.
Network Protection
Firewalls, intrusion detection systems, and DDoS protection safeguard our infrastructure from external threats.
Secure Development
Our development practices follow OWASP guidelines, with input validation, parameterized queries, and security code reviews.
Access Logging
Comprehensive audit logs track all access to your data, providing transparency and supporting compliance requirements.
Third-Party Integrations
QuickBooks Integration
Our BizAnalyzer application integrates with QuickBooks® using Intuit’s official OAuth 2.0 API. This means:
- You authorize the connection directly through Intuit’s secure authorization flow
- We receive only the data you authorize based on the scopes you approve
- Tokens are short-lived and automatically refreshed when needed
- You can revoke access at any time through your Intuit account settings
Payment Processing
Payment information is processed through Stripe, a PCI-DSS Level 1 certified payment processor. We never see or store your full credit card number.
What We Don’t Do
We believe transparency about our limitations is just as important as highlighting our capabilities:
- We never sell your data to third parties
- We never share your financial information with advertisers or marketing companies
- We never use your data to train machine learning models without explicit consent
- We never store credit card numbers on our servers
- We never make changes to your accounting records
Compliance & Standards
SOC 2 Infrastructure
Our cloud infrastructure provider maintains SOC 2 Type II compliance for security, availability, and confidentiality.
PCI-DSS Payments
Payment processing through Stripe meets the highest level of PCI-DSS compliance for cardholder data protection.
HTTPS Everywhere
All connections to our services require HTTPS. We never transmit data over unencrypted connections.
Regular Audits
We conduct regular security assessments and vulnerability scanning to identify and address potential risks.
Your Rights & Control
You maintain full control over your data:
- Disconnect anytime: Revoke our access to your accounts with a single click
- Data deletion: Request complete deletion of your data from our systems
- Data export: Download your analysis reports and data at any time
- Transparency: View exactly what data we access and how it’s used
Questions?
For security inquiries or to report a potential vulnerability, please contact us at info@2diff.io.
QuickBooks® is a registered trademark of Intuit Inc. Second Difference Solutions, LLC is an independent software provider and is not affiliated with, endorsed by, or sponsored by Intuit Inc.