When dealing with monetary transactions, the highest level of security must be obtained and maintained at all architecture levels. This applies both for the client using the service and the provider of the service.

The password of the user account must be chosen with care and should be unique, not similar to any other password being used within the organisation. Also make sure passwords are not visible in log files.

Please inform Trustly of the IP-addresses / IP-range from which you will be accessing the service.

All communication between services, both internally between servers, and externally with Internet-servers, is encrypted using SSL to prevent eavesdroppning.


TLS version

Please note that TLS 1.2 must be used for all requests that are sent to Trustly's API. TLS 1.0 and TLS 1.1 are no longer supported.

The entire system is fully redundant, both at software component level and physical level.