Security & privacy

Zero-knowledge by construction.

Your clients' data is encrypted on their device with a key derived from a master password we never see. The server stores ciphertext only. Atrium engineers — even Atrium engineers compelled by a court — cannot decrypt a single transaction, balance or note.

For an FCA-regulated firm, this turns the longest-running awkward conversation with clients into the easiest one.

[Image: a tended glasshouse interior, light streaming through arched glass onto established planting.]
The glass keeps the climate. The keys stay with the gardener.

The promise, in one sentence

If Atrium's database leaked tomorrow, the attacker would have nothing readable.

Every record — transactions, balances, retailers, retirement assumptions, account names, notes — is encrypted on the client before it crosses the network. The decryption key never leaves the client. The server holds ciphertext and authentication metadata; nothing else.

What we hold

  • Opaque encrypted record blobs
  • Argon2id salt + parameters
  • Public key for sealed-box invitations
  • Account auth metadata (email, last-login)

What we don't hold

  • The master password
  • Any derived key
  • Any plaintext data
  • The ability to read any record, anywhere

What that means in practice

  • Forgotten master password = lost data, by design
  • Subpoena returns ciphertext only
  • Insider compromise = nothing readable
  • Server move & restore = data still encrypted

The cryptography

Standard, audited, libsodium primitives — used the boring way.

No bespoke crypto. No "rolled our own." Just well-understood, modern, audited algorithms, composed the way the libsodium documentation recommends.

Argon2id
Key derivation. Memory-hard, side-channel resistant. The client's master password is stretched to a 256-bit key with parameters calibrated per device, so phone, laptop and desktop each spend ~1 second deriving — but a brute-force attacker spends prohibitively more.
XChaCha20-Poly1305
Symmetric encryption. Authenticated, 192-bit extended-nonce variant. Every record gets a fresh random nonce; tampering is detected on decrypt; replay protection is per-record.
X25519 sealed boxes
Cross-device sharing. A new device fetches the encrypted master key sealed to its public key by an existing logged-in device. The server passes the sealed envelope but can't open it.
BIP-39 mnemonic
Recovery, not backdoor. A 24-word phrase the client writes down at signup. Reconstructs the master key without involving Atrium. Lose both password and phrase, and data is mathematically unrecoverable — including by us.
libsodium
The whole standard library. All primitives come from libsodium-wrappers-sumo. No hand-rolled crypto, anywhere in the codebase.
[Diagram: client device → network → Atrium server. On the client: master password + Argon2id → 256-bit key (stays here); plain record + XChaCha20-Poly1305 → cipher blob. On the server: blob stored as-is (0x8f3a1c…), unreadable, no decryption. TLS in addition, never instead.]
Encrypted at the client, before TLS. The TLS layer is the second wall, not the first.

Threat model

Where the wall holds. Where it doesn't.

Honest engineering names what it protects against and what it doesn't. Atrium protects against the classes of incident that make front pages. It doesn't promise the impossible.

What Atrium prevents

  • Database breach. A full dump returns ciphertext blobs only.
  • Compromised employee. An Atrium engineer with full server access cannot read a single record.
  • Subpoena / lawful intercept. We have nothing decryptable to hand over.
  • Cloud-provider compromise. AWS/Azure/GCP cannot read what we cannot read.
  • Man-in-the-middle. TLS + end-to-end encryption mean intercepted traffic is twice-protected.
  • Server-side malware. Persistent compromise of the API server reveals only ciphertext.

What Atrium can't prevent

  • Compromised client device. Malware on the user's laptop or phone with the session unlocked can read what the user can read.
  • Master password shared with attacker. Phishing the user remains phishing the user.
  • Forgotten password + lost recovery phrase. Data is mathematically unrecoverable — including by us. This is a feature, not a bug.
  • Side-channel on the user's device. Screen capture, keylogger, shoulder surf — outside the platform's reach.

Compliance

FCA-aligned. Consumer Duty-ready. GDPR by design.

Atrium was built for UK advice firms, not retrofitted. The regulatory posture follows from the architecture, not the other way around.

FCA & Consumer Duty

Atrium's whole-household view directly supports Consumer Duty's "consumer understanding" outcome — clients see their financial life clearly, not just their portfolio. Audit-quality activity logs are available to your compliance team.

GDPR

Data minimisation is structural: we cannot store more than we can read. Subject access requests return the encrypted record set plus any decryption support your firm chooses to provide. Right-to-erasure is a single API call.

MiFID II reporting

Reporting export hooks designed for the formats your back-office team already produces. White-labelled per firm; data extracted via your firm's authenticated bridge, not ours.

UK data residency

All Atrium infrastructure runs in UK regions. No data crosses borders unless your firm explicitly enables an international integration.

Independent audit

Coming: SOC 2 Type II and ISO 27001 audits, scheduled for completion ahead of general availability. We'll publish reports on request to firms in active evaluation.

Penetration testing

Coming: annual third-party penetration tests, with summary reports available under NDA to firms with active deployments.

How Atrium differs

Zero-knowledge is the structural feature competitors can't match.

moneyinfo, Plannr, Wealthcraft and the rest are built on the assumption that the vendor reads the data — that's how their integrations, reports and AI features work. Atrium is built the other way round. That makes some features harder for us to build, and some impossible for competitors to match.

Question, with Atrium's answer and a typical vendor's:

  • Can the vendor read client transactions? Atrium: ✓ No, ever. Typical vendor: Yes — that's the model.
  • If subpoenaed, does the vendor have data to hand over? Atrium: ✓ Only ciphertext. Typical vendor: Yes — full plaintext.
  • Could a rogue employee export client data? Atrium: ✓ Not readably. Typical vendor: In principle, yes.
  • Where does data live? Atrium: ✓ UK regions only. Typical vendor: Often mixed / unclear.
  • Server-side AI on client data? Atrium: Not possible (deliberate). Typical vendor: ✓ Possible — including by accident.

The last row is the trade-off, stated honestly: server-side AI features that need plaintext are impossible on Atrium. We do client-side AI instead — local-first, never crossing the network unencrypted. For most firms that's the right shape.

Have a security or compliance team?

We'll meet them on the demo call.

Bring your IT lead, your compliance officer, your DPO — we'll walk through the architecture, hand over the threat model, and answer the technical questions head-on. NDAs available on request.

Book a security walk-through