Melio uses state-of-the-art cryptographic algorithms during data transmission (HTTPS with an RSA 2048-bit key and a SHA-256 certificate) and in our databases (AES 256 encryption keys). Melio holds SOC 2 Type 2 and ISO 27001, 27017 and 27018 certifications, and data is hosted in SOC 1, 2 and 3 certified data centers with 24×7 monitoring.
The PCI DSS certification process is designed to protect your sensitive credit card data. Melio does not store any sensitive credit card information on its servers. Instead, it uses a card processor that is a certified Level 1 PCI Compliant Service Provider (the highest level), a status that requires an annual independent security audit of the processor's processes and systems. Melio and our third-party card processor test the system daily (manually and automatically) to ensure security.
Protecting your money
Customer funds are held in a protected account by our bank providers until the funds are delivered to your vendor, so your funds are never at risk.
Training and education
All Melio employees undergo security training. The development team follows a strict SDLC process that includes security validations and penetration tests.
Reporting and disclosure
We investigate all reported vulnerabilities, so if you think you have discovered a problem with your account, please email email@example.com.