The security of your money and data is as important to us as it is to you.
Segregated Customer Accounts
All customer funds are held separately in segregated client accounts with one of the world’s largest financial institutions. These accounts are separate from our corporate accounts and we cannot use them to settle any of our own obligations. Our banking partner has over 57 million customers worldwide, and a 2013 revenue of $90 billion USD.
Two-factor authentication is a way of improving account security by combining what you know, for example your password, with something only you have in your possession, like your mobile phone.
When trying to log in or carry out certain actions, such as transferring money out, we will automatically send a message to your phone with a code. You enter this code into the two-factor authentication form on CurrencyFair.com.
To find out more, read our blog post on Two Factor Authentication.
Your Connection is Secure
Our website uses 256-bit encryption via SSL from VeriSign. This indicates that your connection is secure.
Secure Data Centre
All your account information is stored in a secure facility that is safeguarded 24-hours-a-day, and we use biometric security to gain access to our servers.
Systematic Procedures & Checks
We maintain continuous auditing, logging, backups and safe-guarding of data. To further protect against malicious attacks, we run numerous security tests on our own software and systems and maintain the very latest virus protection software.
We have built in a number of safeguards into our software including:
- Identity Verification – Checks on new customers to determine if the identity information provided is accurate and not suspicious.
- Automatic Logout – If you are inactive for an extended period of time we automatically log you out so unauthorised people cannot access your account.
- Contact Information Confirmation – All changes to your contact information are verified with you before we make any changes.
Tracked Deposits & Transfers
All deposits by you to us are recorded by your bank. All your exchanges and transfers on our platform are recorded and saved in your account summary and you will receive a confirmation email instantly. All transfers from our bank are also logged. In short, all of your interactions with us are fully documented and available to you when you need it.
CurrencyFair takes the safety of your personal details very seriously. We make it a top priority to provide system integrity and the confidentiality of your personal and transaction details. To allow data to be transmitted securely over the internet, the CurrencyFair Platform uses Secure Socket Layer (SSL), 128 bit encryption on required site pages (within the logged-in section). You can check that your connection is secure by looking for the https and the secure padlock symbol at the bottom right of your browser window, or in the address bar.
All data is held on secure servers hosted by Data Electronics (ISO 9001:2008 and ISO 27001 certified), that provide the highest levels of security 24/7, a managed firewall service as well as guaranteed power and connectivity.
When you register with CurrencyFair you will be asked to select a User Name, password and three security questions. We recommend a high level of password strength, including capitals, digits and symbols.
Additionally CurrencyFair will provide you with a 6 digit CurrencyFair PIN which you will be required to input for any functions that require us to confirm your identity, such as adding beneficiary accounts and transferring funds.
All relevant transactions are also reported directly to your registered email address.
Phishing and Social Engineering
Phishing is a method that criminals use to try and attain your personal information through what look like legitimate emails. Unfortunately, this is becoming a more common form of internet attack. These emails may even contain official branding. CurrencyFair will never ask you for your password, credit/debit card information or bank details through emails. Any account changes, transactions or adding bank accounts must always be completed by logging in securely through your CurrencyFair account. Try to remember what activities you recently carried out on CurrencyFair’s website and any recent communication you had with us. If the email is unrelated to known activity on your account, it might be a phishing attempt.
If you have received suspicious emails pertaining to be from CurrencyFair, do not open any attachments on the email and do not click on any links. Please forward these emails and notification of any other suspicious incidents to our Support Team at email@example.com. We will respond to the same email string and send you confirmation of the legitimacy of the email once we have been able to verify the original sender. You can also check out our Support Centre for further information on using our site.
The growing online payments industry, sadly brings an increase in online payment crime. Protect yourself by only entering your personal information and bank details into websites that you trust. Any attempted or known attacks on our customer’s personal information will be communicated via the CurrencyFair blogs or our Support Centre. Alternatively, if you suspect fraud or an attack on your CurrencyFair account, please email our Support Team at firstname.lastname@example.org.
Password and Device Security
It is important that you keep your password and devices as secure as possible. Be sure to update to the latest version of your operating system, anti-virus software and internet browser. This will keep your information and devices protected against the latest known security attacks. Try to avoid using public WiFi areas as these are more liable to hacking. Change your password if you think that any of your private accounts have become vulnerable.