Discovered a security vulnerability? Let us know 

At SecPoint, ensuring our customers' safety and confidence while transacting with us is paramount.

Therefore, we meticulously prioritize security throughout our system development and management.

While we relentlessly aim for top-tier security and quality, oversights might occur.

If you've detected a security lapse, please share it with us so we can address and rectify it promptly.

How can you reach out?

Please forward your findings to [email protected].

Ensure you provide:

A comprehensive breakdown of the vulnerability, including specifics like the URL and the nature of the issue.

The essential details for us to replicate the issue.

A screenshot, if relevant, showcasing the flaw you've identified.

Your contact details: name, email, and phone number.

What are we looking for?

We invite you to report any security vulnerabilities discovered in our services.

Typical security issues include cross-site scripting, encryption anomalies, or logic controls with security ramifications.

Please note that this reporting platform is not intended for non-security related bugs, textual mistakes, inquiries about our offerings, or general security questions.

What should you anticipate from SecPoint?

Upon receiving your report, we'll acknowledge its receipt.

Throughout the resolution process, you'll be kept in the loop, and we'll notify you once the issue is addressed.

Please note that we won't entertain demands for remuneration tied to the submission of a vulnerability. 

What do we expect from you?

To ensure the safety of SecPoint and our valued customers, we kindly request that you adhere to the following guidelines: 

  • Refrain from using the vulnerability to view or try to access data that isn't yours.
  • Avoid using the vulnerability to delete or alter data.
  • Ensure you don't disrupt our services, especially through denial of service attacks.
  • Allow us time to address and rectify the reported vulnerability before disclosing it to the public.

Can you submit a report without revealing your identity?

Yes, but in that case, we won't be able to update you on its progress.