Security posture

Read-only QuickBooks access. No password collection. No writes.

BustedBooks is being built as a QuickBooks-connected cleanup scanner, not a bookkeeping automation tool. The trust posture is simple: connect through Intuit, read only what is needed for the requested scan, and explain how data is used.

OAuth connection

BustedBooks connects through Intuit OAuth. Users should never type QuickBooks credentials into BustedBooks directly.

Token protection

OAuth tokens are designed to be encrypted before persistence using AES-256-GCM and a server-side encryption key.

Limited purpose

QuickBooks data is used to estimate scan size, generate cleanup/anomaly findings, and create customer reports.

Operational safeguards

  • Connect through Intuit OAuth; users should never type QuickBooks credentials into BustedBooks.
  • Use QuickBooks data only to estimate scan size, generate cleanup findings, and create requested reports.
  • Encrypt OAuth tokens server-side before persistence and keep secrets out of browser-accessible code.
  • Use Stripe for card collection so BustedBooks does not store raw card numbers.
  • Provide disconnect, deletion, and support workflows before public launch.

Disconnect and deletion

Users should be able to disconnect QuickBooks, revoke stored OAuth tokens, and request deletion of reports or account data through support. These workflows are part of the marketplace-readiness checklist before public launch.