Layer 1 - The account side
Anything that touches your Monexit account (signing in, paying, downloading an update) passes through a stack of server-side defenses. Every request is authenticated, rate-limited, validated, and logged before it can reach anything sensitive. A list of specific named mitigations is intentionally omitted: a public shopping list is a shopping list attackers can test against. Assume every common class of web attack has something purposeful in front of it.
Layer 2 - The launcher
The launcher is the small program that starts Monexit. Its job is to verify the environment before the core application is allowed to open your data. It confirms the app is the genuine Monexit build, watches for signs of interference with the running process, protects sensitive values from common in-memory leakage paths, and keeps the connection to our servers honest end-to-end. If any of its checks fail, the launcher stops; the core app never starts on a compromised surface.
Layer 3 - Your machine
Once the launcher hands off, Monexit runs entirely on your PC. It does not call our servers during use. No telemetry, no analytics, no background sync, no "anonymous" usage data. Your bank accounts, transactions, and receipts are processed and stored on your own device. That boundary is the most important line on this page. Nothing on the server side can protect data that never reaches the server in the first place.
What Monexit does not do, and will not pretend to
The local database is not wrapped in a second app-level password by Monexit. It is protected by the same data-protection measures your operating system already applies to every file you own on that device. Adding a second password layer would force you to manage another secret and would create a recovery path we do not want to have. Less attack surface, fewer places for things to go wrong.
The launcher's environment checks live in the launcher, not in the core app, on purpose: they run before any of your data is touched. Doing them inside the application would be theater.
The principle
One client, one machine, one set of keys. Yours. Our job is to make sure the code running on your PC is the code we shipped, and that nothing leaks to us or anyone else while you use it. Beyond that, the less we know, the less anyone can take.
Your Wealth Your Control Your Security
Security
Three layers sit between
anything malicious
and your financial data. Here's how they stack.
The server
Launcher
Your machine
Layer 1
The account side
Anything that touches your account (signing in, paying, downloading an update) goes through a stack of backend defenses on our servers. Every request is checked, limited, and logged before it can reach anything sensitive.
We intentionally don't publish the exact defenses here. A list of named mitigations is a shopping list attackers can test against. Assume every common class of web attack has something specific in front of it, with several more stacked behind.
What this layer does
Authenticates every session before it reaches anything sensitive
Throttles abusive patterns and repeated failures
Validates every request it receives
Logs and blocks suspicious activity
Layer 2
The launcher
The launcher is the small program that starts Monexit. Its job is to make sure Monexit itself is genuine and untampered before it starts the app.
If any of its checks fail, the launcher stops. The core application never starts on a compromised surface.
What this layer does
Confirms the app is the real Monexit, not a tampered copy
Detects attempts to tamper with Monexit while it runs
Protects sensitive values in memory from common leakage paths
Keeps the connection to our servers honest end-to-end
Layer 3
Your machine
Once the launcher hands off, Monexit runs entirely on your PC. It doesn't call our servers during use. No telemetry, no analytics, no background sync, no 'anonymous' usage data. Your bank accounts, transactions and receipts are processed and stored locally.
That boundary is the most important line on this page. Nothing we do on the server can protect data that never reaches the server in the first place.
What this layer does
All processing happens on your device
No cloud storage, no sync, no usage data sent back
Sessions stay confined to your machine
What we don't do, and won't pretend to
The local database is not encrypted by the app itself. It lives in your Windows user profile, protected by your Windows account and, if you use it, BitLocker. The same protection Windows already gives every file you own.
Adding a second app-level encryption layer would force you to manage another password and would hand us a recovery path we don't want to have. Less attack surface, fewer places for things to go wrong.
The runtime environment checks live in the launcher, not the core app. That's deliberate: they run before your data is ever touched. Doing them inside the app would be theater.
The principle
One client, one machine, one set of keys. Yours. Our job is to make sure the code running on your PC is the code we shipped, and that nothing leaks to us or anyone else while you use it. Beyond that, the less we know, the less anyone can take.