RP
RevenueProven
All Help Articles
How does Revenue Proven secure my data and OAuth tokens?

How does Revenue Proven secure my data and OAuth tokens?

All OAuth tokens are encrypted with AES-256-GCM before being stored, so your LinkedIn and CRM credentials are never held in plaintext at any point in the system.

Revenue Proven was designed from the start to treat your LinkedIn Ads and CRM tokens as sensitive credentials. Every OAuth token is encrypted using AES-256-GCM before it is written to the database. The encryption key is stored separately from the database, so compromising the database alone does not expose the tokens.

How token encryption works

When you connect LinkedIn Ads or your CRM, Revenue Proven completes the OAuth flow and receives an access token and refresh token from the provider. Before writing either to the database, the application encrypts them using AES-256-GCM with a unique initialization vector per token. The encrypted ciphertext is what gets stored. When the sync pipeline needs to make API calls, it decrypts the token in memory for that request only.

  • AES-256-GCM encryption on every OAuth token before storage
  • Unique initialization vector per token, preventing pattern analysis
  • Encryption key stored separately from the database
  • Tokens decrypted only in memory, never logged
  • Token scopes introspected and stored to detect permission changes

Password and session security

User passwords are hashed with bcrypt before storage. Revenue Proven cannot retrieve your password if you forget it, which is why the password-reset flow generates a time-limited token sent to your verified email. Sessions are managed by NextAuth as signed JWTs, and all web traffic is served over HTTPS with Cloudflare at the edge.

Why this matters for influenced revenue

Revenue Proven connects LinkedIn Ads engagement to CRM revenue at the company level, so B2B teams can prove which campaigns influenced real pipeline and closed-won deals. When you are working with influenced revenue, the goal is always the same: tie marketing activity back to revenue you can defend in front of your leadership team.

Revenue Proven keeps the answer grounded in your own connected data. It pulls company-level engagement from the LinkedIn Ad Analytics API across five lookback windows (180, 90, 60, 30, and 7 days), matches those companies to HubSpot or Salesforce accounts by domain and name, and surfaces influenced pipeline and influenced revenue alongside a company-by-company journey timeline. That means the figures you see here reflect the accounts your campaigns actually reached, not estimates or modeled guesses.

If anything in this area looks unexpected, re-check that your LinkedIn Ads and CRM connections are active and that a recent sync has completed, then refresh the page.