Security & Privacy
Privacy-First Architecture
Credit Card Co-Pilot is designed with a "privacy-first" philosophy. We believe your financial data belongs to you. Our system is built to provide high-value reward recommendations while maintaining a minimal data footprint and maximum transparency.
Secure Authentication
The application uses Google OAuth 2.0 for identity management. This ensures that:
- No Passwords Stored: We never see or store your Google password. Authentication is handled entirely through Google's secure infrastructure.
- Scoped Access: We only request the minimum permissions necessary to identify your account and sync your preferences across devices.
- Session Management: Secure token-based sessions ensure your data remains accessible only to you.
Local-First Data Storage
Most of your financial activity is processed and stored directly on your device using a local SQLite database.
- On-Device Processing: Transaction parsing and reward calculations happen locally, reducing the need to send sensitive financial logs to a central server.
- Data Persistence: Your card details, milestone progress, and transaction history are stored securely in a local-first architecture, ensuring the app remains functional even when offline.
Transparent Data Ingestion
To provide automated reward tracking, Credit Card Co-Pilot offers optional connectors for Gmail and SMS. Security is maintained through:
- Explicit Consent: No data is scanned without your proactive permission. You must manually connect and grant access to specific ingestion providers.
- Local Parsing: The app scans for specific bank-related keywords to identify transaction alerts. Raw payloads are processed into structured data, and you have full visibility into this process.
- Parser Review: The Parser Review screen allows you to see exactly how the system interpreted an email or SMS. If a transaction is "ambiguous," you can manually correct, accept, or reject the data before it affects your reward milestones.
// Example of how data is categorized for transparency during review
type IngestionStatus = 'parsed' | 'ambiguous' | 'failed';

// Every ingested event tracks its source and raw payload for your audit
interface IngestionEvent {
  source: 'gmail' | 'sms' | 'manual';
  rawPayload: string;           // the original email or SMS text, kept verbatim for review
  parseStatus: IngestionStatus;
  merchantLabel: string;
  amount: number;
}
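The following is an added example of how the local parsing and "ambiguous" classification described above can work end to end; it is not Credit Card Co-Pilot's own parser. The keyword list, the regular expressions and the three sample messages are all constructed for illustration, and the IngestionEvent shape is extended with last4 and notes fields so the Parser Review screen has something concrete to show a user.

```typescript
// Added example (not Credit Card Co-Pilot's own code): a local parser for
// bank transaction alerts that keeps the raw payload for audit and classifies
// each event as parsed / ambiguous / failed so the Parser Review screen can
// surface anything it was not sure about.

type IngestionStatus = 'parsed' | 'ambiguous' | 'failed';
type IngestionSource = 'gmail' | 'sms' | 'manual';

interface IngestionEvent {
  source: IngestionSource;
  rawPayload: string;      // the original message text, kept verbatim for review
  parseStatus: IngestionStatus;
  merchantLabel: string;   // '' when no merchant could be identified
  amount: number;          // NaN when no amount could be identified
  last4: string | null;    // the card's last four digits only, never a full PAN
  notes: string[];         // reasons the parser was not confident
}

// Hypothetical keyword list used to recognise a bank alert; a real deployment
// would tune this per bank and locale.
const BANK_KEYWORDS = ['spent', 'debited', 'charged', 'purchase', 'transaction'];

// Heuristic patterns for the three fields the review screen needs.
const AMOUNT_RE = /(?:INR|Rs\.?|USD|\$|€|£)\s?([\d,]+(?:\.\d{1,2})?)/i;
const MERCHANT_RE = /\bat\s+([A-Z0-9][A-Z0-9 &'.-]{1,40}?)(?=\s+(?:on|using|via|with)\b|[.,]|$)/i;
const LAST4_RE = /(?:ending(?: in)?|xx+|\*+)\s*(\d{4})\b/i;

function parseAlert(source: IngestionSource, rawPayload: string): IngestionEvent {
  const text = rawPayload.replace(/\s+/g, ' ').trim();
  const notes: string[] = [];
  const base: Omit<IngestionEvent, 'parseStatus'> = {
    source, rawPayload, merchantLabel: '', amount: NaN, last4: null, notes,
  };

  // Step 1: is this a transaction alert at all? If not, fail without guessing.
  if (!BANK_KEYWORDS.some((k) => text.toLowerCase().includes(k))) {
    notes.push('no bank keyword found');
    return { ...base, parseStatus: 'failed' };
  }

  // Step 2: pull out amount, merchant and card last4; record every miss.
  const amountText = AMOUNT_RE.exec(text)?.[1];
  const amount = amountText ? Number(amountText.replace(/,/g, '')) : NaN;
  if (!Number.isFinite(amount)) notes.push('amount not found');

  const merchantLabel = MERCHANT_RE.exec(text)?.[1]?.trim() ?? '';
  if (!merchantLabel) notes.push('merchant not found');

  const last4 = LAST4_RE.exec(text)?.[1] ?? null;
  if (!last4) notes.push('card last4 not found');

  // Step 3: classify. Without an amount there is nothing to review, so fail;
  // with an amount but any other gap, mark ambiguous so a human decides.
  const parseStatus: IngestionStatus =
    !Number.isFinite(amount) ? 'failed' : notes.length > 0 ? 'ambiguous' : 'parsed';

  return { ...base, parseStatus, merchantLabel, amount, last4 };
}

// Constructed sample messages (not real bank traffic).
const SAMPLE_SMS =
  'Rs.1,250.00 spent on DEMO Bank Card XX4321 at AMAZON RETAIL on 12-03-24. Not you? Call the number on your card.';
const SAMPLE_EMAIL = 'Alert: USD 42.17 charged to your card ending 9876. Thank you for banking with us.';
const SAMPLE_OTP = 'Your OTP is 482193. Do not share it with anyone.';
```

Running parseAlert over the three samples gives one 'parsed' event (amount, merchant and last4 all found), one 'ambiguous' event (the email names no merchant, so the notes field says why and the event waits for review), and one 'failed' event for the OTP message, which carries no bank keyword and is never guessed at. In every case rawPayload is the untouched original text, which is what makes the Parser Review screen auditable.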
Financial Information Safety
We prioritize the protection of your most sensitive financial details:
- No Full Card Numbers: Credit Card Co-Pilot only stores the last 4 digits and the card network (Visa, Mastercard, etc.) to help you identify your cards. We never ask for or store your CVV, expiry date, or full card number.
- Read-Only Intent: Our system is designed to be a recommendation engine and tracker. It has no "write" access to your bank accounts and cannot initiate transactions or move money.
- Anonymized Analytics: Usage analytics are focused on app performance and feature engagement. We do not sell your spending habits to third-party advertisers.
User Control & Data Deletion
You are always in control of your data:
- Disconnect Anytime: You can revoke Gmail or SMS permissions at any moment through the Ingestion Settings.
- Edit Everything: Every transaction, merchant category, and reward rule can be manually overridden if the automated system makes an incorrect assumption.
- Right to Erase: You can delete your account and local database at any time, removing your financial profile from the device.