Security
Your capital security is our top priority. Here's exactly how we protect your account and why you can trust us with your trading.
Scam & Hack Protection
Your Funds Are Safe
We have taken extensive provisions to protect your details from scammers and malware. While we cannot guarantee 100% security of any system, it's important to understand that in the event of a scam or hack targeting CameronAI, your money remains 100% safe. Your funds cannot be touched by any information you provide to CameronAI. API keys only allow trading—not withdrawals. The only scenario where your funds could be at risk from a scam is if Alpaca itself were compromised. We strongly advise that before live trading, you conduct your own research on Alpaca Securities in addition to the information we provide, to ensure you're comfortable depositing your money with them.
Alpaca Securities LLC
SEC Registered Broker-Dealer
Your money isn't held by us, it's held by Alpaca Securities LLC, a registered broker-dealer and member of FINRA and SIPC. This means your account is protected by industry-standard regulations and insurance.
SIPC Insurance
Securities Investor Protection Corporation
SIPC protects your account against the loss of cash and securities held at a brokerage firm in the event the firm fails. Your account is insured up to $500,000, including up to $250,000 for cash claims.
API Key Security
How Your Credentials Work
API keys are like a limited-access pass to your brokerage account. When you provide us with your Alpaca API keys, you're granting us permission to execute trades on your behalf—nothing more.
No Withdrawal Access
Your Money Stays Yours
CameronAI cannot withdraw, transfer, or move your funds. The API keys you provide are trade-only credentials. All withdrawals and transfers must be initiated by you directly through Alpaca's secure platform.
Data Encryption
Industry-Standard Protection
Your API keys are encrypted using AES-256 encryption before being stored. In transit, all data is protected by TLS 1.3. We follow security best practices to ensure your credentials remain safe.
Full Transparency
See Everything We Do
Every trade we execute on your behalf is visible in your Alpaca dashboard and in our customer dashboard. You'll receive daily email reports summarizing all activity. No hidden actions, no surprises.
Understanding API Keys
A deeper look at how API keys work and why they're secure.
What is an API Key?
An API key is like a special password that lets authorized software (like CameronAI) interact with your brokerage account. Think of it as giving someone a key to your garage, they can park your car for you, but they can't access your house or take anything else.
Key vs Secret Key
Alpaca provides two credentials: an API Key ID (public identifier) and a Secret Key (private password). Both are required to authenticate. The Secret Key is only shown once when generated—treat it like a password.
API Key ID
Public identifier, like a username
Secret Key
Private, like a password, never share
You're Always in Control
You can revoke your API keys at any time from your Alpaca dashboard. The moment you do, CameronAI loses all access to your account immediately. No questions asked, no waiting period.
Warning
If you revoke keys, change specific permissions, or fail billing without notifying us, existing open positions REMAIN UNCHANGED. They will not be managed or closed automatically. You must manually manage them or re-connect to the system.
Regulatory Compliance
Your account is protected by multiple layers of regulatory oversight.
SEC
Regulated
FINRA
Member
SIPC
Insured
SOC 2
Compliant