Security has been considered right the way through and has been designed to reduce interactions that increase risk. For example there is no means to instantly withdraw cash particularly into a new account.
This continues in the actual product and process design. For example all bank details are automatically validated, to confirm the owner with the bank before any transactions are effected.
The app itself has no confidential information stored on the device e.g. password or bank details.
All communications between device and our systems are over HTTPS (encrypted) with SSL certificates.
The user session is protected with tokens to prevent impersonation.
The app is protected by virtue of the device’s security measures, passcodes and biometrics.
All user credentials are hashed and hence even if our database was compromised, it would not allow someone access.