Securing a Payment API

Our approach to protecting data decreases the risk of security incidents and increases peace of mind when enabling online payments.

infosec white paper graphic

Shielded From the Adversaries

In an industry where trust is paramount, our sophisticated security practices give businesses confidence that their data is being protected.

Ongoing Education

Our Engineering and InfoSec teams regularly train in several different areas including security best practices, cryptography, protections against common vulnerabilities, our software development lifecycle, and other topics relevant to the Dwolla Platform.

Community Conscious

We share our information security knowledge with clients, partners, and professional organizations to support the security community.

Never Done

Continuous internal and external testing helps our InfoSec team to stay ahead of the tactics adversaries are using to access sensitive information.

Encryption & Tokenization

We encrypt sensitive data at rest and in transit, and use token identifiers with no intrinsic value when referencing sensitive data elements.
Interested in more information about our security practices?
Read the White Paper

Security is in our DNA

With Dwolla as your payment partner, avoid any major disruptions to your business while remaining in compliance.

Dwolla Security DNA Graphic

Proven Practices

We maintain a SOC 2 Type II report for our ACH offering and a PCI DSS certification for our Push-to-Debit offering to ensure our customers that we’re taking appropriate steps to protect systems and data.

Security Bottom to Top

We have layers of security that start with our partners—companies that take security as seriously as we do—weave into everything we do at Dwolla, and extend to reviewing the security practices of our clients.

Strong Access Controls

Using the OAuth 2 standard for API authentication and authorization, sensitive information is only available using a temporary and constantly changing token, protecting your data from adversaries.

Think you’ve found a security issue with a Dwolla system or application? Contact security@dwolla.com to report it for validation and get an invite to our bug bounty program.

Start Facilitating Online Payments

Partnering with Dwolla means having access to a programmable payment platform for online payments.
Sign Up Now