How KaS Protects Data
Security
KaS is designed to keep financial data scoped to each signed-in user and to avoid exposing secrets in the browser.
Focus
Per-user data isolation
Server-side secret handling
Reviewable import workflows
Account Isolation
KaS uses database access rules so users can only read and write their own records. This helps prevent one user from viewing another user's financial data.
Secret Management
Sensitive server credentials are meant to stay in server-side environment variables, not in public browser code. Public keys are limited to the app flows that require them.
Hosted Infrastructure
KaS runs on Vercel and stores application data in Supabase. Environment variables are managed outside source code, and database access is protected with per-user policies.
Import Safety
Statement import is intended only to turn your files into transactions inside your account. CSV is the safest and most reliable import path in KaS today. PDF import is supported on a best-effort basis and should be reviewed after import.