Security
Security & Vulnerability Disclosure
Switchio, operated by Monet+, is committed to maintaining the highest level of security for the Switchio platform and related products and services.
We welcome responsible security research and encourage the reporting of potential vulnerabilities.
Reporting a Security Vulnerability
If you believe you have identified a security vulnerability affecting Switchio products, services, APIs, or websites, please report it to:
Email: security@switchio.com
Subject: Security Vulnerability Report
To help us investigate this efficiently, please submit the report in English and include the following details:
- Description of the vulnerability
- Affected product and version
- Steps to reproduce the issue (including proof-of-concept if available)
- Potential impact
- Your contact information
We aim to acknowledge receipt of your report within 3 business days.
Our Commitment
All reports are handled in accordance with our internal vulnerability management procedures.
Switchio will not initiate legal action against individuals who report vulnerabilities in good faith and in compliance with this policy.
Responsible Disclosure Guidelines
We kindly request that researchers:
- Do not publicly disclose the vulnerability before it has been investigated and resolved
- Do not exploit the vulnerability beyond what is necessary to demonstrate its existence
- Do not access, modify, or delete data that does not belong to you
Scope
Out of scope:
- Standard product bugs, functional defects, usability issues, or feature requests (these should be reported via standard Switchio Support channel https://jira.monetplus.cz/servicedesk/customer/portal/7)
- Third-party services integrated with Switchio
This policy applies to:
- Switchio Platform backend services and APIs
- Switchio SoftPOS Solution
- Official switchio.com websites