Products
Open-Source Backend
Robust open-source financial backend.
Ledgers and ledger balances
Accurate record of your financial data.
Transaction workflows
Manage complexity with little code.
Reconciliation
Reconcile your ledger in 4 easy steps.
Identities
Manage users’ identity information.
Blnk Cloud
Manage your ledger with Blnk Cloud.
Reports & insights
Actionable insights into your data
Collaboration & access control
Work easily with other team members.
Anomaly Detection
Instantly know when anomalies occur.
Vault
Safe and secure document storage.
Developers
Resources
Interactive demo
See Blnk for yourself
Pricing
View demo
D
Get access now
Get accessView demoOpen navbar menu

Products

Developers

Resources

Security
How we handle security
Books and guides
Visit our fintech library.
Blog
Updates, thoughts, and opinions.
Community
Join our growing community on Discord.
Interactive demo
See Blnk for yourself

Pricing

Security at Blnk

At Blnk Finance, the safety and security of our customers' data are paramount. We highly value contributions from our community to help identify and resolve vulnerabilities in our platform. If you discover a security issue with a CVSS score of 4.0 or higher, please report it to us.

How to Report a Vulnerability

Send an email to security@blnkfinance.com with the following information:

  • Summary and Impact: A brief description of the vulnerability and its potential effects.
  • Steps to Reproduce: Clear, step-by-step instructions to replicate the issue.
  • Environment Details: Information about the environment you used (e.g., browser, operating system).
  • Proof-of-Concept: Any code snippets or methods that demonstrate the exploit, if available.

Scope of Reporting

In Scope:

Out of Scope:

  • Automated scanning activities.
  • Social engineering attempts, including targeting Blnk employees.
  • Password brute force attacks.
  • Clickjacking on non-sensitive pages.
  • Missing security headers without demonstrable exploitability.
  • Issues reproducible only under highly unlikely conditions (e.g., outdated browsers, exotic operating systems).
  • Denial of Service (DoS) attacks.
  • Physical access attacks.
  • Theoretical vulnerabilities without proof of concept.
  • Logic bugs that allow bypassing account limitations for free or paid features.

Our Commitment

  1. Acknowledgment: We will confirm receipt of your report within 48 hours.
  2. Investigation: Our security team will assess and prioritize the vulnerability.
  3. Resolution: We are dedicated to fixing reported issues promptly.
  4. Communication: You will receive updates on the status of your report and any actions taken.
  5. Confidentiality: All reports are handled with strict confidentiality to protect both you and our users.

Responsible Reporting Guidelines

  • Test Responsibly: Only assess vulnerabilities on your own account or with explicit permission.
  • Respect Privacy: Avoid actions that could lead to data breaches, data loss, or service interruptions.
  • Limit Access Attempts: Do not attempt to gain unauthorized access beyond what is necessary to demonstrate the vulnerability.
  • Maintain Confidentiality: Do not disclose the vulnerability publicly before reporting it to us, and allow us adequate time to address the issue.
Features
Ledgers and ledger balances
Balance monitoring
Multiple sources and destinations
Scheduling and refunds
Overdrafts
Inflight transactions
Reconciliation workflows
Anomaly detection
Identities
Cloud deployment
Vault
Developers
Download Blnk
Documentation
API Reference
Changelog
Status
SDKs
Resources
Pricing
Pricing Calculator
Interactive demo
Books & Guides
Company
About
Security
Community
Contact us
Report vulnerability
© 2024 All rights reserved. Blnk Finance LLC