Safety, security, and stability at the core

As a payment platform, we know that you’ve put your most sensitive business in our hands, which is why we do everything possible to be the safest and most secure platform available. As a regulated entity we are obliged to follow the strictest security practices, but on top of that, we have made additional investments to ensure that the security of our customers’ funds and data is always our top priority. Furthermore, we have implemented the most robust controls and, in building relationships with financial leaders, we protect your earnings and provide you with the safest and most secure platform to hold your funds.

Trusted by the world’s leading digital brands

google logo
airbnb logo
upwork logo
fiverr logo

Payoneer is licensed and regulated by multiple government regulators

As a regulated financial institution, customer funds that are managed by Payoneer are kept in segregated, safeguarded accounts by legal requirement.

Your funds are:

Held at low-risk financial institutions
Always liquid
Never loaned out
Never impacted by corporate operational activities

Our core obligation at Payoneer is to protect your funds and prevent money laundering. As a regulated entity, we provide multi-jurisdictional compliance assurances to your business. When partnering with us, you can be assured that all your payee disbursements are made through a fully compliant, secure and tightly audited payments platform that is recognized by financial regulators all around the world.

Multi-jurisdictional licenses

MSB Registration No. 31000194393184
Registered Money Services Business (MSB) and prepaid access provider with Financial Crimes Enforcement Network (FinCEN).​Licensed Money Transmitter in 51 states and territories​.

Reference No. C189473
E-money institution authorized by the Central Bank of Ireland, passported throughout the European Economic Area (EEA).

Reference number 966835
E-money institution authorized by the UK’s Financial Conduct Authority

License No. 15-10-01734
Licensed Money Service Operator with the Hong Kong Customs and Excise Department​.

Registration No. 00045
Registered Fund Transfer Service Provider with the Kanto Finance Bureau (KFB).

Licence No. 504803
Licensed by the Australian Securities & Investments Commission (ASIC) to deal in non-cash payment products.

LO UIN No. MULO16008013
Online Payment Gateway Service Provider (OPGSP) registered with the Reserve Bank of India.

fincen
minister of finance of japan 1

What are Suspicious Activity Reports (SARs) and what is the role of FinCEN?

Suspicious Activity Reports (SARs) are highly confidential filings that are made to FinCEN by banks and other financial institutions concerning activity that they consider to be potentially suspicious. FinCEN is the Financial Crimes Enforcement Network, a bureau of the United States Department of the Treasury. Payoneer is a Money Services Business (MSB) registered with FinCEN and as such is required to comply with the Bank Secrecy Act (BSA) and other relevant Anti-Money Laundering (AML) laws and regulations applicable to MSBs in the U.S. Payoneer files SARs on a regular basis as part of its regulatory responsibility to help improve the security of the platform, its customers and the safety of their money. SARs are not, on their own, an indication of wrongdoing.

All payments processed through Payoneer are made through a fully compliant, secure and tightly audited payments platform that is recognized by financial regulators all around the world. Payoneer operates globally, is regulated in a number of jurisdictions, and its compliance record speaks for itself.

FinCEN has conducted an audit of Payoneer in which it delivered a completely clean bill of health with zero findings. SARs do not lead to any presumption of guilt, and the FinCEN clean audit provides evidence that Payoneer’s compliance program meets the standards expected of it. Furthermore, Payoneer uses quality external auditors from top 4 global firms that are complementary of its compliance program. Payoneer’s compliance program meets the highest standards of integrity and accountability in a very highly regulated and closely scrutinized industry.

Our infrastructure is built on leading global banking partners

By working with a network of the largest and most stable banks around the world, we have built an industry-leading infrastructure, designed to keep your funds safe.

Our Risk Committee reviews risk rates and manages where customer funds are held – ensuring that if any institution has risk we will move the funds to safer banks.

By putting your trust in Payoneer, you not only get the benefits of a diversified bank portfolio that you wouldn’t necessarily be able to access on your own but also the most sophisticated risk management oversight in the industry. Your stability is our priority.

Our partner banks include:

barclays 1
rbs 1
citibank 1
deutsche bank 1
dbs 1
Bank of America 1

Payoneer is backed by top investors

Founded in 2005, Payoneer is truly a pioneer of the fintech space, building a profitable unicorn with a truly global footprint. We have built a platform over the past 15 years under the leadership of top executives and with the backing of leading investors, including some of the largest and most prestigious firms in the world.

Our Board of Directors features figures like ex-VISA president and Citibank executive Hans Morris and ex-SWIFT CEO Lazaro Campos. With their guidance we are committed to building towards the future with safety and security at the core.

Our investors include:

viola
Wellington Management
TemasekHoldings
nyca
dbs
pingan
susquehanna

Payoneer is audited for full transparency

registery service providers

Payoneer’s financial statements are audited annually and reviewed quarterly by PwC ensuring the highest level of oversight. Furthermore, our internal compliance program is reviewed by world-class compliance audit firms.

External audits concluded no material weaknesses found 99% of total global balance has ratings of ‘investment grade or better’ PCI DSS level 1 certified SOC 2 Type II and SOC 1 Type II assessment conducted by independent audit firm in accordance with American Institute of Certified Public Accountants

Our auditors include

Chartwell
bdo
kpmg

Keeping Payoneer accounts safe from hackers

Over 4 million customers worldwide rely on us to manage their cross-border payments and help grow their businesses. Your account’s security is our top priority, and with our multi-layered approach you can feel confident that your account is safe:

Payoneer uses 2-step verification to help ensure that no malicious actors are able to break into your account. 2-step verification adds an extra step to certain account-related activities by sending a code to your mobile device or via phone call, which you’ll need to enter in before you can continue navigating through your account.

We use CAPTCHA challenges in several places on our system, including our login page. This prevents bots from brute forcing a user account.

RSA adaptive authentication is an intuitive user verification system that evaluates risk factors, e.g., country, IP address and transaction size to flag any account abnormalities. After detecting activity that might signal an ATO, the system issues additional identification steps, such as security questions,

To prevent account takeovers, we employ a number of proactive methods that keep bots and hackers from reaching a user’s account. These include: Web Application Firewalls, Bot-locating software, Duplicate site-tracking, Proactive user-account searches and more.

We use complex risk model and behavior profiling programs to analyze suspicious user transactions. The information we get from these analyses is then used to predict malicious future behavior that might signal an account takeover.

At Payoneer we invest substantial time and resources in the latest security protocols and technologies to keep your Payoneer account and card secure. It is our highest priority to create and maintain a secure environment so you can access your account and manage your financial transactions with complete peace of mind.

Payoneer uses 2-step verification to help ensure that no malicious actors are able to break into your account. 2-step verification adds an extra step to certain account-related activities by sending a code to your mobile device or via phone call, which you’ll need to enter in before you can continue navigating through your account.

At Payoneer, every transaction is heavily guarded behind firewalls and sophisticated anti-hacking techniques. Each and every transaction is monitored to prevent fraud, identity theft, phishing encounters, and other attacks.

Should an attempted attack be identified, our dedicated teams of security specialists investigate the source and take precautions to protect your account, as well as those of other account holders.

When updating your account information you will receive email notifications from Payoneer. If any unusual account activity is detected, you will receive an email from us detailing the transaction. Should you not recognize this transaction, you will be provided an option to contact our support department night or day.

To verify your identity when calling us, we may ask you questions such as account information and/or personal details.

Tips for protecting yourself online

  • Prevent Malware Infections: To defend against viruses, malware, and other online threats make sure to keep your security software, your operating system and browsers updated and current in order. Always remember to also set automatic updating if available.
  • Maintain Strong Passwords: The best passwords are long and contain letters, capital letters, numbers and certain symbols in a sequence that do not form a word. Do not use the same password for other accounts. If you keep a written record of your passwords, keep them away from your devices and store in a safe place.
  • Use Anti-Virus Software: Use trusted anti-virus software, and keep it up-to-date.
  • Logging on to Public Wi-Fi: Limit the type of business you conduct in public Wi-Fi hotspots, as your computer could be exposed to strangers who share that network, including predators that hide on those networks, waiting for an innocent victim to log on.
  • Be Aware of Suspicious Senders: Be very suspicious of communications that ask you to act immediately.
  • Connect Securely: Only submit payment information, personal information or access credentials over a secure connection. Make sure to look for ‘HTTPS’ as part of the URL address and check the SSL* certificate’s validity.
  • Watch Out for Bogus Websites: Be suspicious of any unusual looking websites – for example, often long website addresses are indicative of an attempt to fool the user.
  • Remember to Log Out: Make sure to sign out from Payoneer and other websites after completing your visit. If you are using a public computer, delete your browsing history.

* SSL- A Secure Sockets Layer Certificate (SSL) is a digital certificate that validates the authentication of a website and encrypts any personal/sensitive information sent across the internet so only the intended recipient can understand it. This is very important, as personal information is passed from one computer to another to get to the destination server, and with an SSL Certificate you can be sure that you are sending information to the right server.

The Payoneer password selection page will prompt you to create a unique and difficult-to-crack password. Avoid easy patterns such as ‘1234’ or ‘PASSWORD’, birthdays or family names.

Strong passwords should be 12 or more random, unrepeated characters, and should contain ALL of the following characteristics:

  • Lower case characters
  • Upper case characters
  • Numbers
  • Punctuation & “Special” characters (e.g.!@#$ %) – only select symbols that you can access from the keyboard, and that you can also access if you use a smartphone
  • Never share your passwords with anyone. Passwords are sensitive, confidential and personal codes.
  • Passwords should not be kept next to or written on your Payoneer card.
  • Do not reveal a password in any email, chat, or other electronic communication.
  • Do not speak about a password near others.
  • Do not hint at the format of a password (e.g., “my dog’s name”).
  • Never reveal a password on questionnaires or security forms.
  • If someone demands a password, refuse them. Refer them to this Payoneer instruction set.

If you suspect that your Payoneer account has been accessed without permission, immediately contact us and then change your password.

Phishing is a type of Internet fraud in which a person attempts to acquire a user’s sensitive information by presenting itself as a trustworthy entity (Payoneer, in our example). This information includes theft of credit card numbers, usernames, passwords, bank account details and other confidential information.

These malicious entities then use this information for making online purchases and may commit identity theft, meaning they pose as the person whose details they have stolen in order to receive new credit cards, ID cards, and more.

To report a phishing attempt / attack click here.

Stay safe by following these rules:

  1. Never send Payoneer card information in an email, text message or via social media.
  2. Likewise, never send your Payoneer account password or username in an email, text message or other social media messages.
  3. Refrain from opening links from an unknown origin (even if there is no website, it doesn’t mean you will not end up downloading a Trojan to your PC).

We recommend that you review these simple security tips:

  1. Never write your 4-digit PIN on your Payoneer card, and don’t keep it on a slip of paper in your wallet.
  2. One of the simplest ways to protect yourself from ATM skimmers is to cover the PIN pad when you enter your digits.
  3. Never provide your full card number to anyone – even a Payoneer representative will only ask you for the last four digits of your card.
  4. Shred statements and receipts that show your card information before discarding.
  5. Don’t leave your Payoneer card face up with numbers showing in plain sight of strangers.
  6. Report lost or stolen cards to Payoneer immediately.

Click here to view the Payoneer ‘Preventing Identity Theft Infographics’.

Using the payoneer mobile app safely

  • Maintaining physical control of your device is the primary level of protection.
  • Keep it updated, as operating systems and applications provide patches and fixes for even the most recent security issues.
  • Use a passcode or PIN to protect your device and data. Install and enable remote wipe features so that, if your smartphone is stolen or lost, you can remotely wipe it clean of any of your personal information or access to your mail.
  • Lock your phone and allow it to re-lock after 30 seconds or so of inactivity.
  • Use trusted Wi-Fi networks. Connecting your device to unknown wireless networks can potentially expose your data.
  • Turn off Bluetooth, Wi-Fi, NFC (Near Field Communication) and other connections when they’re not being used so they cannot be used to access your device.
  • Don’t jail break or root your smart phone or tablet. Be aware that jail breaking or rooting your device may expose your device to malicious software.

Reporting fraud

If you receive a suspected ‘phishing’ email, spam, or other suspicious emails claiming to be from Payoneer please do not click on any links or answer it. Instead, forward it to our customer support and a Payoneer representative will get back to you as soon as possible.

When you forward the suspicious message, add the phrase “Suspected Phishing Email” to the subject.

If your card has been lost or stolen, or if you suspect that you are a victim of fraud or identity theft please contact us immediately. Or, call us immediately at +1 (646) 386-2434 in the United States, 24 hours a day, 7 days a week.