Connecting any third-party app to your accounting software is a significant decision. Here's exactly what OutflowGuard can and cannot do.
We cannot move money, create payments, or modify your records.
OutflowGuard requests only the minimum permissions needed to detect bank account changes. We can view contacts and their bank details—nothing more.
Contacts - We monitor your supplier contacts for bank detail changes (this is the core of fraud detection)
Invoices (Read-Only) - We scan invoices to detect anomalies like round numbers or duplicates, but we cannot create, approve, or pay any bill
Bank accounts - We never see or store your bank login credentials
Payments - We cannot initiate, approve, or modify any payment
Financial reports - We don't access your P&L, balance sheet, or other financials
OutflowGuard is listed on the official Xero App Marketplace and uses Xero's secure OAuth authentication. We don't ask for your Xero password—you authorise us directly through Xero.
AES-256 encryption at rest for all stored data
TLS 1.3 in transit for all connections
Per-tenant encryption keys for data isolation
OutflowGuard is built by Donkeh Labs, an ASIC-registered Australian company (ABN 87 636 703 254). Your data is stored securely with Australian jurisdiction.
You can disconnect OutflowGuard from your Xero settings instantly. Once disconnected, we lose all access immediately.
