How Secure is Tootpay's Solution?

  • Tootpay’s payment solution utilizes 2 factors authentication method that meets Central Bank requirements.

  • Tootpay’s payment solution doesn’t store any sensitive information; it knows only your menu PIN. Should your phone be stolen, the thief cannot make transactions on your behalf without knowing your menu PIN and password.

  • If you (or someone who has stolen your phone) enter a wrong menu PIN three times, your mobile banking account is immediately locked. You would have to contact or visit the bank to reactivate your banking service.

  • All communication from Tootpay’s solution is encrypted with Triple-DES and only the bank has the key to decrypt the message. 

  • Every request sent by Tootpay’s solution to the bank is signed with the private digital signature unique to each individual that is stored on the phone. The bank’s servers check for a valid signature on every request. The signature is valid by knowing that 1) the data has not been been tampered with; 2) the request came from the customer’s phone and not from another source.

  • Our team continuously monitors developments in the field of banking and data security and applies industry best practices. At the same time, Tootpay endeavors to maintain a product that is user-friendly.

Tootpay places a strong emphasis on security and integrity of monetary transactions via its payment solution. Here are the things Tootpay does to protect the customer’s money, the customer’s confidential information and the data transmitted between your phone and our services.