We take security very
seriously.

We use the same security measures as your bank does.

22seven adheres to the same procedures and standards used by banks, the military and governments around the world. Our security is also regularly, independently reviewed and audited by industry experts.

Your information is always encrypted.

256-bit encryption, certified by Entrust, keeps your information indecipherable and private, always.

You can feel reassured because we’re compliant.

22seven complies to the Promotion of Access to Information Act (PAIA) No. 2 of 2000 and to address the requirements of the Protection of Personal Information Act (POPIA) No. 4 of 2013. 

22seven is READ ONLY. No one can touch your money.

When you link accounts to 22seven, you give us “read-only” access. That means we can only fetch your information to show it to you. No one can move money from your linked accounts - not even you.

How your account login details are kept safe.

The usernames, passwords and other authentication information you provide to us are passed, in encrypted format, directly through to Yodlee – our information aggregation partner. 22seven never stores them. Yodlee stores them in encrypted format and only the system that actually collects your information is able to decrypt them when required to do so. At no time can 22seven or Yodlee staff access your credentials. Yodlee’s security overview provides more information on their security.

How your information is kept secure while travelling over the internet.

All information that is transferred over the Internet between your computer or device and our servers is encrypted using 256-bit encryption. We use an Extended Validation SSL certificate provided by Entrust - a globally trusted digital certificate authority. This ensures that, even if intercepted, your information remains protected. In addition, all information transferred between our servers and those of our service providers, like Yodlee, is encrypted. This ensures that at no time is your information visible in clear-text whilst in transit.

More about Entrust
How the physical servers that hold your information are secured.

All our servers are hosted in a secure Internet hosting facility operated by an industry-leading hosting-provider. Their facilities are certified against the internationally recognised ISO27001 security standard and validated under the Payment Card Industry Data Security Standard (PCI DSS).

More about PCI DSS
Who has access to the servers and other technology that holds your information.

Access to our servers, databases and other infrastructure as well as internal systems is very tightly restricted. Only the 22seven team members who absolutely have to have access are able to do so. We regularly review each individual’s access rights and make necessary changes to ensure that we adhere to our ‘only the information you need’ policy.

Help centre conversation
How we know our security is up to standard.

The usernames, passwords and other authentication information you provide to us are passed, in encrypted format, directly through to Yodlee – our information aggregation partner. 22seven never stores them. Yodlee stores them in encrypted format and only the system that actually collects your information is able to decrypt them when required to do so. At no time can 22seven or Yodlee staff access your credentials. Yodlee’s security overview provides more information on their security.

Need more peace of mind?
If you have questions, however simple or technical, we’d like to answer them.
Please email us.