Protecting your money and data is fundamental to how Eduvo is built. This page summarises the measures we and our regulated partners use to keep your business safe.
Encryption
Data is encrypted in transit using industry-standard TLS, and sensitive data is encrypted at rest. Access to systems and data is restricted on a least-privilege basis and logged.
Card security
Card data is handled to PCI-DSS Level 1 — the highest level of the Payment Card Industry Data Security Standard. Cards support tokenisation for Apple Pay and Google Pay, and online payments are protected with 3-D Secure.
Authentication
Accounts are protected with multi-factor authentication and support biometric login on mobile. Payments are protected by Strong Customer Authentication (SCA) in line with PSD2.
Fraud monitoring
Transactions are monitored in real time for suspicious activity, with configurable spend controls, per-card limits, and instant freeze so you stay in control of every card.
Safeguarding of funds
Customer funds are safeguarded in segregated accounts by our regulated partner in accordance with Electronic Money Institution requirements. For more detail, see our Regulatory Disclosures.
Operational resilience
Our infrastructure is designed for resilience and continuity in line with DORA (the Digital Operational Resilience Act), with monitoring, backups, and incident-response processes.
Your role in staying secure
- Use a strong, unique password and enable multi-factor authentication.
- Set per-card limits and freeze cards you are not using.
- Be cautious of phishing — Eduvo will never ask for your full password or one-time codes.
- Keep your devices and apps up to date.
Responsible disclosure
If you believe you have found a security vulnerability, please report it to security@eduvo.io. We appreciate responsible disclosure and will work with you to investigate and resolve valid reports.
Contact
For security questions, contact security@eduvo.io.