Our engineering and InfoSec teams regularly train in several different areas including cryptography knowledge, OWASP Top 10 and other topics relevant to the Dwolla Platform.
We share information security approaches locally and nationally to help shape the security community.
Continual internal and external testing helps Dwolla’s InfoSec team identify and understand the tactics adversaries will use—and how to proactively stop them to keep data safe.
Solutions that are only secure in theory are not acceptable. We partner with third-party providers to test, attack and evaluate our security controls to confirm they work.
Interested in more information about our security practices?Read the White Paper
We take protecting data seriously. Dwolla maintains a SOC 2 report, which provides independent, third-party attestation that we are taking the appropriate steps to protect our systems and your data.
By partnering with AWS and Cloudflare—companies that take security as seriously as we do—and by taking a proactive stance to monitor for potential risks, Dwolla provides layers of reliable security.
Strong Access Controls
With data as precious as financial information, make sure only the right people have the right access. Using OAuth authentication and scoping, sensitive information is only available using a temporary and constantly changing key (or token), protecting your data from adversaries.
Think you’ve found a security issue with a Dwolla system or application? Contact email@example.com to report it for validation and get an invite to our bug bounty program.
Meet Your Payment Partner
Learn the benefits of partnering with Dwolla to access the ACH Network for payments. Sign up today.Sign Up