Products
Our products
Build connected products for your SMB customersOur integrations
Standardised Integrations
Accounting APIConnect to your SMB customers’ accounting data
Commerce APIConnect to your SMB customers’ commerce data
Open Banking APIConnect to your SMB customers’ banking data
Automate Reconciliation
Sync for CommerceEmbedded accounting integrations for PoS and eCommerce platforms
Sync for ExpensesEmbedded accounting integrations for corporate card providers
risk automation
AssessStandardized data and actionable insights for smarter risk decisioning
Solutions
Solutions
Learn how the Codat API can help youCase studies
By Industry
SaaSSeamlessly connect your software to your customers’ financial data
PaymentsDeliver automated reconciliation to your business customers
Expense managementIntegrate your business customers’ transactional data with their accounting platform
B2B paymentsSynchronize your customers’ payables and receivables data
Digital lendingMake smarter and more confident risk assessments
Financial institutionsBuild better-integrated products for your SMB customers
Developers
For developers
Everything you need to integrateGet API keys
Getting Started
Quickstart guides
Docs
API reference
Company
Company
Learn more about our mission and the people behind CodatContact sales
LEARN MORE
About us
Careers
Case studies
Blog
Whitepapers
Partners
Upcoming events
Pricing
Sign in
Get API Keys

Security

Our attitude to security gives you peace of mind

As a company involved with sensitive business data, best in class security is vital. No compromises.
From the outset we have had security front of mind. Built using technologies tried and tested in the finance industry our system utilises technology and best practices from the likes of Microsoft.
We continue to test and re-test our architecture to ensure it meets the high level of security our customers expect.

Controlling access

Additional security features including IP restriction and two-factor authentication

Encryption

Data encrypted in transit using SSL and at rest using AES-256 managed by Microsoft Azure.

Constant improvement

Regular system penetration testing and continual improvement in line with our ISO27001 certification

Find out more

Find out more about our attitude to security and data protection

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Others

Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.

Cookie	Duration	Description
lpv887333	30 minutes	No description
visitor_id887333	10 years	No description
visitor_id887333-hash	10 years	No description

Analytics

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_89798244_1	1 minute	Google Analytics cookies are used to collect information about how Visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of Visitors to the site, where Visitors have come to the site from, and the pages they visited.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_hjAbsoluteSessionInProgress	30 minutes	This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInPageviewSample	2 minutes	This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's pageview limit.
_hjTLDTest	session	When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
_lfa	2 years	This cookie is set by the provider Leadfeeder. This cookie is used for identifying the IP address of devices visiting the website. The cookie collects information such as IP addresses, time spent on website and page requests for the visits.This collected information is used for retargeting of multiple users routing from the same IP address.
pardot	past	The cookie is set when the visitor is logged in as a Pardot user.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.