Safety, security, and stability at the core
As a payment platform, we know that youโve put your most sensitive business in our hands, which is why we do everything possible to be the safest and most secure platform available. As a regulated entity we are obliged to follow the strictest security practices, but on top of that, we have made additional investments to ensure that the security of our customersโ funds and data is always our top priority. Furthermore, we have implemented the most robust controls and, in building relationships with financial leaders, we protect your earnings and provide you with the safest and most secure platform to hold your funds.
Trusted by the worldโs leading digital brands
Payoneer is licensed and regulated by multiple government regulators
As a regulated financial institution, customer funds that are managed by Payoneer are kept in segregated, safeguarded accounts by legal requirement.
Your funds are:
Held at low-risk financial institutions
Always liquid
Never loaned out
Never impacted by corporate operational activities
Our core obligation at Payoneer is to protect your funds and prevent money laundering. As a regulated entity, we provide multi-jurisdictional compliance assurances to your business. When partnering with us, you can be assured that all your payee disbursements are made through a fully compliant, secure and tightly audited payments platform that is recognized by financial regulators all around the world.
Multi-jurisdictional licenses
MSB Registration No. 31000264700512
Registered Money Services Business (MSB) and prepaid access provider with Financial Crimes Enforcement Network (FinCEN).โLicensed Money Transmitter in 51 states and territoriesโ.
Reference No. C189473
E-money institution authorized by the Central Bank of Ireland, passported throughout the European Economic Area (EEA).
Reference number 966835
E-money institution authorized by the UK’s Financial Conduct Authority
License No. 15-10-01734
Licensed Money Service Operator with the Hong Kong Customs and Excise Departmentโ.
Registration No. 00045
Registered Fund Transfer Service Provider with the Kanto Finance Bureau (KFB).
Licence No. 504803
Licensed by the Australian Securities & Investments Commission (ASIC) to deal in non-cash payment products.
LO UIN No. MULO16008013
Online Payment Gateway Service Provider (OPGSP) registered with the Reserve Bank of India.
License No.ย PS20200604
Major Payment Institution (MPI) registered with the Monetary Authority of Singapore.
Our infrastructure is built on leading global banking partners
By working with a network of the largest and most stable banks around the world, we have built an industry-leading infrastructure, designed to keep your funds safe.
Our Risk Committee reviews risk rates and manages where customer funds are held โ ensuring that if any institution has risk we will move the funds to safer banks.
By putting your trust in Payoneer, you not only get the benefits of a diversified bank portfolio that you wouldnโt necessarily be able to access on your own but also the most sophisticated risk management oversight in the industry. Your stability is our priority.
Our partner banks include:
Payoneer is audited for full transparency
Payoneerโs financial statements are audited annually and reviewed quarterly by PwC ensuring the highest level of oversight. Furthermore, our internal compliance program is reviewed by world-class compliance audit firms.
External audits concluded no material weaknesses found 99% of total global balance has ratings of โinvestment grade or betterโ PCI DSS level 1 certified SOC 2 Type II and SOC 1 Type II assessment conducted by independent audit firm in accordance with American Institute of Certified Public Accountants
Our auditors include
Keeping Payoneer accounts safe from hackers
Over 4 million customers worldwide rely on us to manage their cross-border payments and help grow their businesses. Your accountโs security is our top priority, and with our multi-layered approach you can feel confident that your account is safe:
Payoneer uses 2-step verification to help ensure that no malicious actors are able to break into your account. 2-step verification adds an extra step to certain account-related activities by sending a code to your mobile device or via phone call, which youโll need to enter in before you can continue navigating through your account.
We use CAPTCHA challenges in several places on our system, including our login page. This prevents bots from brute forcing a user account.
RSA adaptive authentication is an intuitive user verification system that evaluates risk factors, e.g., country, IP address and transaction size to flag any account abnormalities. After detecting activity that might signal an ATO, the system issues additional identification steps, such as security questions,
To prevent account takeovers, we employ a number of proactive methods that keep bots and hackers from reaching a userโs account. These include: Web Application Firewalls, Bot-locating software, Duplicate site-tracking, Proactive user-account searches and more.
We use complex risk model and behavior profiling programs to analyze suspicious user transactions. The information we get from these analyses is then used to predict malicious future behavior that might signal an account takeover.
At Payoneer we invest substantial time and resources in the latest security protocols and technologies to keep your Payoneer account and card secure. It is our highest priority to create and maintain a secure environment so you can access your account and manage your financial transactions with complete peace of mind.
Payoneer uses 2-step verification to help ensure that no malicious actors are able to break into your account. 2-step verification adds an extra step to certain account-related activities by sending a code to your mobile device or via phone call, which youโll need to enter in before you can continue navigating through your account.
At Payoneer, every transaction is heavily guarded behind firewalls and sophisticated anti-hacking techniques. Each and every transaction is monitored to prevent fraud, identity theft, phishing encounters, and other attacks.
Should an attempted attack be identified, our dedicated teams of security specialists investigate the source and take precautions to protect your account, as well as those of other account holders.
When updating your account information you will receive email notifications from Payoneer. If any unusual account activity is detected, you will receive an email from us detailing the transaction. Should you not recognize this transaction, you will be provided an option to contact our support department night or day.
To verify your identity when calling us, we may ask you questions such as account information and/or personal details.
Tips for protecting yourself online
- Prevent Malware Infections: To defend against viruses, malware, and other online threats make sure to keep your security software, your operating system and browsers updated and current in order. Always remember to also set automatic updating if available.
- Maintain Strong Passwords: The best passwords are long and contain letters, capital letters, numbers and certain symbols in a sequence that do not form a word. Do not use the same password for other accounts. If you keep a written record of your passwords, keep them away from your devices and store in a safe place.
- Use Anti-Virus Software: Use trusted anti-virus software, and keep it up-to-date.
- Logging on to Public Wi-Fi: Limit the type of business you conduct in public Wi-Fi hotspots, as your computer could be exposed to strangers who share that network, including predators that hide on those networks, waiting for an innocent victim to log on.
- Be Aware of Suspicious Senders: Be very suspicious of communications that ask you to act immediately.
- Connect Securely: Only submit payment information, personal information or access credentials over a secure connection. Make sure to look for โHTTPSโ as part of the URL address and check the SSL* certificateโs validity.
- Watch Out for Bogus Websites: Be suspicious of any unusual looking websites โ for example, often long website addresses are indicative of an attempt to fool the user.
- Remember to Log Out: Make sure to sign out from Payoneer and other websites after completing your visit. If you are using a public computer, delete your browsing history.
* SSL- A Secure Sockets Layer Certificate (SSL) is a digital certificate that validates the authentication of a website and encrypts any personal/sensitive information sent across the internet so only the intended recipient can understand it. This is very important, as personal information is passed from one computer to another to get to the destination server, and with an SSL Certificate you can be sure that you are sending information to the right server.
The Payoneer password selection page will prompt you to create a unique and difficult-to-crack password. Avoid easy patterns such as โ1234โ or โPASSWORDโ, birthdays or family names.
Strong passwords should be 12 or more random, unrepeated characters, and should contain ALL of the following characteristics:
- Lower case characters
- Upper case characters
- Numbers
- Punctuation & โSpecialโ characters (e.g.!@#$ %) โ only select symbols that you can access from the keyboard, and that you can also access if you use a smartphone
- Never share your passwords with anyone. Passwords are sensitive, confidential and personal codes.
- Passwords should not be kept next to or written on your Payoneer card.
- Do not reveal a password in any email, chat, or other electronic communication.
- Do not speak about a password near others.
- Do not hint at the format of a password (e.g., โmy dogโs nameโ).
- Never reveal a password on questionnaires or security forms.
- If someone demands a password, refuse them. Refer them to this Payoneer instruction set.
If you suspect that your Payoneer account has been accessed without permission, immediately contact us and then change your password.
Phishing is a type of Internet fraud in which a person attempts to acquire a userโs sensitive information by presenting itself as a trustworthy entity (Payoneer, in our example). This information includes theft of credit card numbers, usernames, passwords, bank account details and other confidential information.
These malicious entities then use this information for making online purchases and may commit identity theft, meaning they pose as the person whose details they have stolen in order to receive new credit cards, ID cards, and more.
To report a phishing attempt / attack click here.
Stay safe by following these rules:
- Never send Payoneer card information in an email, text message or via social media.
- Likewise, never send your Payoneer account password or username in an email, text message or other social media messages.
- Refrain from opening links from an unknown origin (even if there is no website, it doesnโt mean you will not end up downloading a Trojan to your PC).
We recommend that you review these simple security tips:
- Never write your 4-digit PIN on your Payoneer card, and donโt keep it on a slip of paper in your wallet.
- One of the simplest ways to protect yourself from ATM skimmers is to cover the PIN pad when you enter your digits.
- Never provide your full card number to anyone โ even a Payoneer representative will only ask you for the last four digits of your card.
- Shred statements and receipts that show your card information before discarding.
- Donโt leave your Payoneer card face up with numbers showing in plain sight of strangers.
- Report lost or stolen cards to Payoneer immediately.
Click here to view the Payoneer โPreventing Identity Theft Infographicsโ.
Learn more about protecting your account against phishing attacks
Using the payoneer mobile app safely
- Maintaining physical control of your device is the primary level of protection.
- Keep it updated, as operating systems and applications provide patches and fixes for even the most recent security issues.
- Use a passcode or PIN to protect your device and data. Install and enable remote wipe features so that, if your smartphone is stolen or lost, you can remotely wipe it clean of any of your personal information or access to your mail.
- Lock your phone and allow it to re-lock after 30 seconds or so of inactivity.
- Use trusted Wi-Fi networks. Connecting your device to unknown wireless networks can potentially expose your data.
- Turn off Bluetooth, Wi-Fi, NFC (Near Field Communication) and other connections when theyโre not being used so they cannot be used to access your device.
- Donโt jail break or root your smart phone or tablet. Be aware that jail breaking or rooting your device may expose your device to malicious software.
Reporting fraud
If you receive a suspected โphishingโ email, spam, or other suspicious emails claiming to be from Payoneer please do not click on any links or answer it. Instead, forward it to our customer support and a Payoneer representative will get back to you as soon as possible.
When you forward the suspicious message, add the phrase โSuspected Phishing Emailโ to the subject.
If your card has been lost or stolen, or if you suspect that you are a victim of fraud or identity theft please contact us immediately. Or, call us immediately at +1 (646) 386-2434 in the United States, 24 hours a day, 7 days a week.
Where we are required to segregate your funds, we do so by placing the funds in a segregated account (known as a โsafeguarding accountโ) at Barclays Bank Plc. Where we have segregated your funds in a safeguarding account, it means those funds would be separated from our other assets in the event of our insolvency and used to repay you and other clients. Barclays Bank PLC provides us with safeguarding account(s), but does not monitor the funds we place on the safeguarding account or how we operate these accounts.