Let’s talk about security.


At the core of our business is making sure your information is as safe and secure as possible.

illustration of blue safe

Here are a few of the things we’re doing.

PCI Compliance

Divvy is PCI compliant. That means we meet the Payment Card Industry Data Security Standard (PCI DSS) for organizations that handle branded credit cards.

Multi-factor authentication

For all company administrators with access to sensitive company information and controls, we require multi-factor authentication (MFA).

Face and touch logins

Our mobile app uses the latest security features, including Android fingerprint scanning and Apple Touch or Face ID.

Fraud protection

Divvy uses an advanced third-party platform that monitors all transactions in real-time and prevents complex fraud incidents with speed and accuracy to protect your business.

SOC2 Type 1

We have completed our SOC2 Type 1 report. This demonstrates a test of design that validates the appropriate security controls are in place.

Bug Bounty Program


Information security is vital to the Divvy mission, and we appreciate the community of researchers who support it. We invite users to engage with our platform and submit any legitimate vulnerabilities to our bug bounty program using this form.

burglar profile illustration

Ready to start

spending smarter?


Just fill out the form and we’ll have someone from our team reach out shortly, to help you get started.