Security

Secure technology

Melio uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with RSA 2048 bit key and SHA 256 certificate) and in our databases (AES 256 encryption keys). Our servers are kept in PCI and SOC 1, 2, and 3 certified data centers with 24×7 monitoring.

PCI Compliant

The PCI DSS certification process is designed to protect your credit card sensitive data. Melio does not store any credit card sensitive information on the servers but uses a card processor (TabaPay) which is a certified Level 1 PCI Compliant Service Provider (the highest level), which requires an annual independent security audit of its processes and systems. Melio and our 3rd party card processor test the system daily (manually and automatically) to ensure security.

Protecting your money

Customer funds are held in a protected account by our bank providers Evolve Bank & Trust, Silicon Valley Bank and JPMorgan Chase Bank, N.A., until the funds are delivered to your vendor, so your funds are never at risk.

Training and education

All Melio employees undergo security training. The development team follows strict SDLC process which includes security validations and automatic penetration test.

Reporting and disclosure

We investigate all reported vulnerabilities, so if you think you have discovered a problem with your account please email security@meliopayments.com