Trust Center

Airwallex is proud to announce the successful renewal of our Payment Card Industry Data Security Standard (PCI DSS) Service Provider Level 1 certification. Completing this thorough certification process underlines our strong commitment to ensuring the highest levels of security and data protection for our customers. This achievement demonstrates our dedication to safeguarding sensitive payment card information and maintaining the trust of our clients and partners.

The Airwallex PCI-DSS Level 1 Certificate is available for public download here and registered accounts may access the full Attestation of Compliance via the private access portal.

To find out more about PCI DSS please visit the PCI Security Standards Council

Airwallex is committed to building a strong relationship with the information security community. In order to reward the best external contributions that help us keep our users safe, we maintain a Bug Bounty Program for Airwallex owned web properties. Starting from 13/07/2021 the Airwallex Bug Bounty Program is invite only. Issues submitted to bugbounty@airwallex.com will be handled based on priority.

Services in scope

Any Airwallex owned web service that handles reasonably sensitive user data is intended to be in scope. This includes virtually all the content in the *.airwallex.com domain.

Qualifying vulnerabilities

Any design or implementation issue that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. The program is limited to technical vulnerabilities in Airwallex owned / used web applications. Please do not attempt to carry out DoS or DDoS attacks, social engineering, spamming or do other similarly questionable things.

For more information please visit Airwallex Bug Bounty Program