Security
deben protects your money data with on-device encryption and, above all, by never connecting to the internet. Here is exactly how.
No network, nothing to leak
deben declares no internet permission. It cannot open a network connection, so there is no server to breach, no data in transit to intercept, and nothing to leak. This is the strongest protection of all: your data cannot be taken from a place it never goes.
Encrypted on your device
All of your data lives in a single database on your phone, encrypted at rest with SQLCipher. The encryption key is protected by the Android Keystore, so it never exists in plain form outside secure, hardware-backed storage.
Locked behind your biometric
You can lock deben behind your device fingerprint, face, or PIN, so the app opens only for you, even if your phone is unlocked and in someone else's hands.
Encrypted backups you control
Backups are encrypted with a password you choose and saved, through your system file picker, to a place you pick. A backup is never uploaded anywhere. A forgotten backup password cannot be recovered by anyone, including us, which is the price of a backup that only you can open.
Least privilege
deben asks only for what a feature needs. Message reading is optional and off by default, and deben looks only at messages that read like transactions or brand offers, never your personal conversations. There are no advertising, analytics, or tracking libraries in the app.
Reporting a vulnerability
Found a security issue? Please email support@debenapp.com with the details. Because deben has no servers and no network access, its attack surface is small, but every report is taken seriously.