Secure bank transfers
Whether you use Melio to pay by ACH bank transfer or get paid directly to your bank account—your private bank details are never shared with vendors or customers.
Pay with Melio. Stay secure.
It’s our top priority to be the safest, most secure payment platform. No matter how you choose to pay and get paid, we make sure you, your vendors, and your customers’ financial and private details are always secure.
Trusted by
Reduce risk when you pay and get paid digitally.
Vendors only receive checks?
We’ll send a secure check on your behalf and won’t disclose your account info. You’ll be notified once your check has been deposited.
Card payments
Melio doesn’t store, process, or transfer any sensitive card information. We use a third-party card processor which is a certified Level 1 PCI Compliant.
Compliance & certifications.
Melio works tirelessly to meet the industry’s security standards to protect customers from vulnerabilities. We follow strict international standards and regulations in order to keep your data safe.
SOC2 Type II Report
Melio undergoes an annual SOC 2 Type II audit that verifies Melio’s security controls. This certification validates our commitment to effectively managing and safeguarding customer data, crucial in utilizing third-party cloud services.
ISO/IEC 27001:
2022
The most rigorous global security standard for Information Security Management Systems (ISMS).
ISO/IES 27017:
2015 – Cloud Security
Provides controls and implementation guidance for both cloud service providers and cloud service customers. Gives guidelines for information security controls applicable to the provision and use of cloud services.
ISO/IES 27018:
2019 – Cloud Privacy
Establishes commonly accepted control objectives, controls, and guidelines for implementing measures to protect Personally Identifiable Information (PII).
Advanced security to keep you at ease.
Melio ensures your bank account details and other private information is protected with encryption. We use The Transport Layer Security (TLS 1.2+) protocol for data in transit. Plus, our secure infrastructure provides backup protection.
PCI Compliant
Designed to protect sensitive cardholder data, Melio works with third parties that are PCI compliant Level 1 service providers (the highest level).
Multi-factor authentication
Our payment protection starts the moment you sign up to Melio, with multi-factor authentication. This guarantees you’re the only one who can access your account.
Advanced technology
We’ve invested in robust security technology and automation tools and have built them into Melio’s platform and work processes.
Security Monitoring
Our team monitors 24/7 for any suspicious activity and continually conducts software security reviews.
DDoS Protection
Our servers are guarded by advanced anti-bot services that ensure the Melio platform is always up and running.
Security as a culture
All Melio employees undergo security training. The development team follows a strict SDLC process, including a private bug bounty program.
PCI Compliant
Designed to protect sensitive cardholder data, Melio works with third parties that are PCI compliant Level 1 service providers (the highest level).
Multi-factor authentication
Our payment protection starts the moment you sign up to Melio, with multi-factor authentication. This guarantees you’re the only one who can access your account.
Advanced technology
We’ve invested in robust security technology and automation tools and have built them into Melio’s platform and work processes.
Security Monitoring
Our team monitors 24/7 for any suspicious activity and continually conducts software security reviews.
DDoS Protection
Our servers are guarded by advanced anti-bot services that ensure the Melio platform is always up and running.
Security as a culture
All Melio employees undergo security training. The development team follows a strict SDLC process, including a private bug bounty program.
1
/
6
FAQ
Yes, Melio uses the following methods to encrypt customer data:
- Data at rest is encrypted using AES-256.
- Data in transit across open networks is encrypted using TLS 1.3 (at minimum, TLS 1.2).
- User passwords are hashed and salted.
Melio does not store/process/transfer credit card numbers on its systems but uses a card processor that is certified Level 1 PCI Compliant (which requires an annual independent security audit of its processes and systems). Melio tests the system daily (manually and automatically) to ensure security.
Bugcrowd, our Bug Bounty Program, gives security researchers and customers a way to safety test and notify Melio of any security vulnerability. If you think you have discovered a problem with your account please email security@melio.com.
Our ISO certificates are available upon request at security@melio.com.
SOC2 Type II Report may require an NDA upon request to security@melio.com.
Yes. Our security efforts are guided and monitored by our VP Security and Security Team and wider Security Forum, composed of representatives from Infrastructure, R&D, Operations, Legal, and IT Teams.
