Security
Epifi Technologies Private Limited (epiFi or Company) is a fintech company providing financial solutions and services. We believe that our customers (You) should remain convinced their data is in safe hands. This page speaks about our security practices and how we maximise the safety of your data.
We aim for the highest standards of safety, security and confidentiality when using your data. This policy also describes how we securely collect and preserve your information.
TL;DR: We have deployed state-of-the-art infrastructure audited by industry experts to ensure maximum security of your data. But here are the details for each section -
Cloud Infrastructure ☁️
We host our website on Amazon Web Services (AWS), which provides a secure and scalable technology platform.
Our infrastructure is launched in compliance with AWS' Well-Architected Framework and incorporates best practices from the AWS Cloud Adoption Framework from the security perspective.
All communication between the Platform and our servers stay protected via 2048bit encrypted HTTPS protocol. Anyone or anything, including a supercomputer that attempts to pry, may take years to get the decryption combination using a trial-error method.
We use HTTPS protocol for our website and mobile applications (referred to as "Platform"). It lets us securely transmit sensitive data over the internet.
To improve cybersecurity, we also have strict network segmentation and isolation of environments and services in place. Translation: During untoward scenarios, we can limit the impact within tiny Sections while the overall system remains unaffected.
Host Security 🔒
We use industry-leading solutions around anti-virus, anti-malware, intrusion prevention systems, and intrusion detection systems. We also apply the same standards for file integrity monitoring, application control, application and audit log aggregation, and automated patching.
All our servers are secured and hardened as per the Center for Internet Security (CIS) Benchmarks.
Data Security 💾
The user log-in is based on two-factor authentication on the Fi website and mobile application. All user data and internally stored data is encrypted at rest and in transit. Sensitive data is encrypted at the application level in addition to Transport Layer Security (TLS).
We employ separation of environments, network segregation, segregation of duties, and strict role-based access control on a documented, authorised & need-to-use basis.
We use key management services to limit access to information, except for the data team.
We only use anonymised and aggregated data for internal analytics and business intelligence purposes.
We use data replication for data resiliency and disaster recovery; snapshotting for data durability, and backup/restore testing for data reliability.
Incident and Change Management 🔄
We have deployed mature processes around change management, enabling us to release thoroughly tested features for you both reliably and securely.
We have a very aggressive stance on Incident Management on both Systems downtime and Security and Network Operations Center. We have an Information Security Management System that quickly reacts, remediates or escalates any incidents arising out of planned or unplanned changes.
Vulnerability Assessment and Penetration Testing ✍️
We have an in-house network security team which uses industry-leading products to conduct manual and automated Vulnerability Assessment and Penetration Testing activities
We employ both static application security testing and dynamic application security testing. Both get incorporated into our continuous integration / continuous deployment pipeline
We will bring in auditors certified by Computer Emergency Response Team (CERT-IN) to do periodic external testing and audits.
Responsible Disclosure ✔️
All of us at Epifi (Epifi Technologies Private Limited) are committed to our user's data and privacy.
We blend security at multiple steps within our products with state-of-the-art technology to ensure our systems maintain strong security measures.
The overall data and privacy security design allow us to defend our systems from various attacks.
You could submit a bug report to us at security@fi.money with detailed steps required to reproduce the vulnerability.
We shall put the best of our efforts to investigate and fix the legitimate issues in a reasonable time frame – while requesting you not to disclose it publicly.
Please refer to our Privacy Policy for more information.
Fi is a money management platform that re-imagines the banking experience in India. The Federal Bank Account offered through our App, is a digital bank account that gives you the fastest way to open a bank account online.
Epifi Wealth Private Limited is a SEBI Registered Non Individual Investment Advisor (INA200015185) (BASL Membership ID: 1175) (Validity: September 24, 2020 - Perpetual) Principal Officer: Akhilesh Agrawal Contact Information: principalofficer.wealth@epifi.com; SEBI regional office address: 2nd Floor, Jeevan Mangal Building, No.4, Residency Road, Bengaluru - 560025, Karnataka; Tel. Board: +91-080-22222262/ 22222264/ 2222 2283 E-mail: bangalore-lo@sebi.gov.in
You can do everything from the Fi App, including peer-to-peer payments, fund transfers, bill payments, and more, with features to automate every action. You also get a VISA Platinum Debit card, track your spending, gain insights, grow your investment, get loans and earn rewards.
Epifi Wealth Pvt Ltd Salarpuria Sattva Knowledge Court, Survey No. 77, Plot no.9, 06th Floor, Doddenakundi,KR Puram, Hobli, Bangalore East, Karnataka 560048.
- There are brand logos shown on this site to indicate where a person spends money. These brands own these logos. We don’t endorse them, nor do they us.
- Mutual Fund investments are subject to market risks. Read all scheme related documents carefully. Past performance is not an indicator for future returns.
Products on our platform | Details |
|---|---|
Unified Payments Interface (UPI) | Epifi Technologies Pvt. Ltd ('Epifi Tech') is a Third-Party App Provider ('TPAP') - and acts as a service provider and participates in UPI through a Payment Service Provider ('PSP') Bank (Federal Bank). |
Savings Account and Deposits | Federal Bank offers savings account, fixed deposits and smart deposits to users on the Fi App (through Epifi Tech). Users' savings account and deposits are securely opened with Federal Bank. |
Cards | Fi Brand Pvt. Ltd. markets and distributes co-branded cards in partnership with Federal Bank and Visa. Cards are issued by Federal Bank. |
Loans | Epifi Tech facilitates loan distribution and acts as a lending service provider and/or digital lending application for various Banks, registered NBFCs and NBFC-P2P ('Lenders') List of Lenders. |
Insights
1. Net Worth: Helps users get a view of their financial Net Worth — in accordance with their assets & liabilities
2. Wealth Maximiser: Analyses your finances, shares financial reports to make informed money decisions
These products are governed by our Terms and Conditions, Privacy Policy, and any other product and partner specific terms and conditions as communicated to you.
©epiFi Technologies Pvt. Ltd. 2025
Fi is a money management platform that offers the perfect solution for all your financial needs. The Federal Bank Savings Account offered through Fi is an online savings account that you can open in 3 minutes! It goes beyond online account opening, as it has helped reimagine the banking experience in India
Through Fi, you can do more: apply for an instant personal loan, pick from many types of Mutual Funds, select the best SIP to invest in US Stocks, apply for a forex-free Debit Card (works for select account plans) to use while travelling abroad, analyse/improve their portfolio, get a 360-degree view of your spend insights and take steps building wealth.
You can also utilise Fi's free personal loan resources, such as the Personal Loan and EMI calculator, before proceeding to the quick loan application process. All of this is why over 35 lakh Indians feel that Fi is the only financial app you will ever need.