English
API ReferenceSign In

Data Security

Last updated 06/12/2020

All data that flows through our system is important and confidential. It includes personal data, financial data, transaction history, and other information that passes through our system. Here are several measures that we take to keep your data safe:

  • Restricted access for your privacy, access to all of your personal and financial data that flows through our system is restricted by default. Only Xendit and you, as the owner, can access this data. For maximum security, you must access your data via SSL encrypted endpoints so that the data is transferred securely.
  • Encryption at rest for sensitive data and communication. All information is encrypted using 256-bit Advanced Encryption Standard (AES-256) which is almost impossible to decipher from its encrypted form because the cipher keys are unique and impossible to guess. This level of encryption is highly secure and used most often for communications with banks to maintain the privacy and security of customers.
  • Data Integrity Verification. We regularly verify the integrity of the data on all traffic to check for data corruption.