Our app uses bank-grade security, encrypting all your data in transit with HTTPS (TLS 1.3) and at rest with AES-256, block-level storage encryption provided by AWS.
Multi-Factor Authentication (MFA)
We enforce MFA with strong password validation and verification codes, in the event your password gets compromised. Login and MFA cookies expire periodically.
We abide by GDPR standards to handle your personal information. We never ask you for or hold any of your bank login details. Short-lived encrypted access tokens are used to fetch bank data (via OAuth 2.0). All data is stored in the UK.
The company is regulated by the Financial Conduct Authority (FCA) and a member of the FINTRAIL FinTech FinCrime Exchange (FFE). Our payment processor, The Currency Cloud Limited, is authorised by the FCA under the Electronic Money Regulations 2011 for the issuing of electronic money.
Know Your Customer (KYC)
Customers who use rebank for payments are asked for authenticating documents and are independently checked by us to confirm the identity and activity of their company. Though rigorous, the process is very quick and simple for customers. We also regularly monitor for suspicious activity to prevent fraud.
Additional users invited by you can be given read-only access without the need to share bank login details.