Overview
Airwallex is committed to upholding a strong security presence as well as complying with legal and regulatory requirements. Information Security remains at the heart of everything we do and is embedded within the Airwallex culture.
Compliance




Documents
Product Security
Reports
Data Security
App Security
Legal
Access Control
Infrastructure
Endpoint Security
Network Security
Corporate Security
Policies
Security Grades
Trust Center Updates
Airwallex is committed to building a strong relationship with the information security community. In order to reward the best external contributions that help us keep our users safe, we maintain a Bug Bounty Program for Airwallex owned web properties. Starting from 13/07/2021 the Airwallex Bug Bounty Program is invite only. Issues submitted to bugbounty@airwallex.com will be handled based on priority.
Services in scope
Any Airwallex owned web service that handles reasonably sensitive user data is intended to be in scope. This includes virtually all the content in the *.airwallex.com domain.
Qualifying vulnerabilities
Any design or implementation issue that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. The program is limited to technical vulnerabilities in Airwallex owned / used web applications. Please do not attempt to carry out DoS or DDoS attacks, social engineering, spamming or do other similarly questionable things.
For more information please visit Airwallex Bug Bounty Program
If you think you may have discovered a vulnerability, please send us a note.