Security

Funds and data under multi-layer protection: HSM, encryption, AI transaction monitoring and 24/7 SOC.

Report an incident
Security
Encryption

Data and channels

TLS 1.3, AES-256 at rest and HSM for keys, signatures and crypto operations.

All channels with the bank are encrypted end-to-end. Data in EU data centres (Frankfurt, Luxembourg DR) — with environment segregation and key rotation.

Client crypto keys do not leave HSM without multi-signature. Backups and audit logs protected by a separate KMS.

  • In transit

    TLS 1.3, certificate pinning in the mobile app, mTLS for Corporate API.

  • At rest

    AES-256 database and backup encryption, key separation across prod/sandbox environments.

  • Keys

    FIPS 140-2 Level 3 HSM, quarterly key ceremony and dual control for administrators.

Circle Banking encryption and data protection
Fraud prevention — Circle Banking
Fraud

Fraud prevention

ML models and real-time rules on every transaction — fiat and crypto.

The system assesses risk before payment execution: device, geolocation, counterparty, velocity and sanctions lists.

  • AI scoring

    Behavioural profile, session anomalies and correlation with known fraud schemes.

  • Alerts

    Push/SMS on unusual activity; block until confirmation in the app.

  • Vishing

    Client education: the bank never requests OTP or passwords by phone.

Operations

SOC and testing

Continuous monitoring, external audits and a responsible vulnerability disclosure programme.

24/7 SOC monitoring
ISO 27001 Certification
2×/year Penetration test
€100k Bug bounty max

Client funds segregated in CSSF-eligible institutions. Deposit insurance — up to €100,000 per depositor under the EU scheme. Learn more about compliance on the Compliance page.

security@circlebanking.cy Incident response < 1 hr PCI DSS Level 1

Security is our priority

Questions and incident reports: security@circlebanking.cy

Open account Contact us