Security & Trust

Your financial data, protected at every layer.

GeniusBooks is built security-first. We connect through official, password-free OAuth, encrypt everything in transit and at rest, and never touch your books without your approval — whether you run on QuickBooks, our own native bookkeeping, or the providers we're adding next.

Encrypted in transit & at rest
OAuth — no passwords
Approval-first actions
Isolated per business
One-click disconnect
0 Passwords we ever store
100% Actions you approve first
1-click Disconnect, anytime
24/7 Activity logging

How we protect your data

Security built into every layer.

Encrypted everywhere

Connections, access tokens, and your data are encrypted in transit with TLS and at rest. Secrets live in a dedicated, encrypted vault — never in plain text.

No passwords, ever

We connect through each provider's official OAuth. You sign in with them, and GeniusBooks only ever receives a scoped, revocable token.

Isolated by design

Every business — and, for firms, every client — runs in its own walled-off workspace. The AI only ever touches the one you've selected.

Audited end to end

Every action GeniusBooks takes is recorded in an activity log you can review, so nothing ever happens off the record.

Wherever your books live

One security model, every connection.

Run on QuickBooks Online or on our own native bookkeeping — both are live today, and more accounting providers are on the way. Every one is protected by the same architecture.

  • Connected today
    QuickBooks Online: Link in one click and keep your books exactly where they are.
  • Built in
    Native bookkeeping: Run your entire books inside GeniusBooks — no third-party tool required.
  • On the way
    More accounting providers: We're expanding to more platforms, each held to the same standard.
The same architecture protects every one:
Official OAuth
Encrypted tokens
Least-privilege access
Approval-first actions
Full audit trail

You're in control

You decide what the AI can do.

  • Approval-first

    GeniusBooks drafts the work and shows a preview; nothing posts to your books until you confirm.

  • Safe by default

    Destructive actions (like deleting an invoice) always ask first — they can't be triggered by accident.

  • Scoped access (firms)

    Assign Read-only, Bookkeeping, or Full access per client and per team member.

  • Leave anytime

    Disconnect in one click; your data stays right where it is, in your accounting platform.

How a connection works

Connect in one click — keep the keys.

Here's the QuickBooks flow today. Every provider we add follows the same password-free pattern.

  1. You click "Connect" and sign in with your provider — today, that's Intuit for QuickBooks.

  2. They hand GeniusBooks a secure, scoped, revocable token — never your password.

  3. GeniusBooks uses that token to read data and make the changes you approve. Revoke it anytime, from GeniusBooks or your provider.

QuickBooks is a registered trademark of Intuit Inc. GeniusBooks is an independent product and is not affiliated with, endorsed by, or sponsored by Intuit.

Our promises

What GeniusBooks will never do.

Trust is easier to keep than to win back. These lines never move.

  • Never ask for or store your accounting password.

  • Never post, edit, or delete anything in your books without your approval.

  • Never sell your financial data — to anyone, ever.

  • Never use your private books to train public AI models.

Data handling

What we access — and who processes it.

What we access: only the data needed to do the tasks you ask for (customers, invoices, expenses, reports), and only from the workspace you've selected.

AI processing: your requests are processed by our AI provider to generate responses and actions, under strict contractual terms. We don't sell your data.

Subprocessors we rely on:

  • OpenAI: AI processing of your requests
  • Stripe: Subscription billing & payments
  • Cloud hosting: Application hosting & encrypted storage
  • WhatsApp & Telegram: Optional messaging channels
  • Email delivery: Transactional notifications

See our Subprocessors list and DPA for full details. Those pages are being finalized with counsel.

Compliance & roadmap

Honest about where we are.

We follow security best practices and don't display compliance badges we haven't earned — we lead with concrete practices, not logos. As our certifications progress, we'll say so here, plainly.

What we do today:

  • Encryption in transit (TLS) and at rest
  • Official OAuth — no stored passwords
  • Least-privilege access controls
  • Per-business data isolation
  • Audit logging on every action

Security questions
