Transferwise Security

Our mission at TransferWise is to give you cheap, convenient, and instant money transfers. At the heart of this is trust and transparency — you should trust us to keep your money safe. And you should know exactly how we’re doing that.

Account and Data Security

We are using the latest Transport Layer Security to keep your data safely encrypted in transit and encrypt data at rest. We run regular vulnerability scans and use independent auditors for Internal and External Penetration Tests and other Security Scans. Our Security Operations Team is monitoring constantly for any anomalies or account takeover attempts and keeping up with latest attack vectors to keep your data and money safe. Using just passwords to login is not safe, so we enforce 2 Factor Authentication on our Borderless accounts and recommend that you use it always.

We send you emails only from transferwise.com addresses and we have set up DMARC reject mode to make it hard for criminals to send phishing emails from our domain.

Infrastructure Security

Transferwise has servers in secure and ISO27001 compliant datacenters in Germany and in the Netherlands. We also run services from AWS cloud. We protect all of those from attacks and abuse:

Trust and compliance

We are regulated by FCA, registered with regulators in different countries across the world and have state licenses in the US. We are constantly audited by independent finance and IT auditors, our partners and we are PCI DSS and SOC 1 type 2 certified and GDPR compliant. Our customers rate us with 5/5 on trustpilot.com.

How you can help

Keeping your account secure is a shared responsibility. Here’s what you can do to increase the security of your account.

We also support responsible disclosure reporting for vulnerabilities.