Finance · Privacy report
BofA icon
Bank of America Mobile Banking
Free · ★4.8 · Bank of America

Is BofA safe?

Yes. It is one of the clean finance apps.

Our take. We found no third-party advertising or analytics SDKs in BofA, and its own privacy label declares little or no data linked to you. For an app you trust with your money, that is what you want to see.

Privacy footprint · vs 80 financeMinimal
Trackers from other companies0 · none
typical finance: 3.5
Data the app links to you3 types · little
typical finance: 6 · from its own privacy label
What it collects about you

BofA links 3 categories of your data to you.

From the developer's own App Store privacy label. These are the kinds of data BofA ties to your identity.

IdentifiersUsage DataDiagnostics
Who else is inside

Few or no outside trackers.

We found no advertising, analytics, or attribution SDKs from other companies in BofA.
How it compares

Where it sits among finance.

Every one of these apps we have scanned, on the two measures above: third-party trackers it carries (across) and data it links to you on its own label (up). Toward the top right is more invasive.

Each dot is one finance app. BofA sits to the lower left, lighter than most.

The evidence

What it's built from.

All 115 SDKs in the app, grouped by what they are for. None are third-party trackers.

115
115standard libraries

0 of the 115 are third-party trackers. The rest are the app's own code and standard open-source building blocks.

Show the full SDK list
Standard libraries115 · on-device
The app's own code plus open-source interface, storage and networking libraries.

How we know this

Counterspy downloads the app from the App Store and statically analyzes its compiled binary. Embedded SDKs are matched against a signature database and resolved to the company that operates each. We also read the developer's App Store privacy label, which lists the data the app says it collects and links to you. We do not run the app or intercept its traffic, so we report capabilities present in the code and the developer's own disclosures, not proven transmission. We assess privacy and data collection, not malware, security flaws, or developer intent. Reports are automated and never edited for payment. Scan v26.03.02, 2026-04-01.

  1. Third-party trackers are advertising, analytics and attribution SDKs detected by static signature matching. Presence shows a capability is compiled in, not that it ran or transmitted data.
  2. "Data the app links to you" is the count of data categories the developer declares as Data Linked To You in its App Store privacy label. Labels are self-reported and not verified by Apple.
  3. Comparison across the 80 finance in our corpus. Trackers: median 3.5. Data linked to you: median 6.