Secure by default.
At every layer.
Your financial data is protected at every layer. Bank credentials stay with your bank via Plaid. Sessions are secured by Clerk. Sensitive records like SSNs and EINs are encrypted at rest.
Encryption at rest
All sensitive data including SSNs, EINs, and bank details are encrypted before storage.
Plaid OAuth
Bank credentials never touch Cleo Pay's servers. Plaid authenticates directly with the institution.
Clerk authentication
Session-based auth with automatic token refresh, OAuth sign-in, and email verification.
How it works
Security at every step
Sign up with Clerk's secure authentication. Verify your email and set credentials.
Connect your bank through Plaid's OAuth flow. Credentials stay with your bank.
Every payment and sensitive record is encrypted and transmitted over HTTPS.
Built on trusted, audited providers.
Cleo Pay does not build custom authentication or payment rails. Instead, it relies on industry-leading providers that are independently audited and trusted by thousands of financial applications.
See how we protect your data- Clerk for authentication, session management, and OAuth
- Plaid for bank account linking with OAuth security
- Dwolla for ACH payment processing over the US banking network
- Automatic token refresh and request retry on 401 responses
Why it matters
No stored credentials
Bank login credentials are handled entirely by Plaid and never pass through Cleo Pay.
Auto token refresh
Auth tokens refresh transparently before every API call. Sessions never expire unexpectedly.
Verified TIN storage
Tax identification numbers are validated, masked in the UI, and encrypted at rest.
Your data is protected at every layer.
Encryption, OAuth, and session security built into every interaction.
Get started free