Your Security

When it comes to keeping your data and your money safe, we never rest. We’ve built bank-grade security measures into our systems to make sure you can use Wave with confidence.

Data Security

PCI-DSS Certified: Wave is Level 1 PCI-DSS certified. This means that every year we have a third-party audit to validate our practices and make sure we’re doing the right things for you and your customers.

Secure data transmission: When you load a page in your browser, or upload information to Wave, all that information is encrypted while it’s moving over the internet. We secure your data via encryption.

Secure data storage: Your accounting data is stored on servers that have strict physical access and technical controls, meaning there are rules in place limiting access to only the people who need it to do their jobs. The facilities are monitored 24/7 and access to your information is strictly controlled.
‍

Mobile Security

Passwords are encrypted when they’re collected and when they’re sent to our servers. We don't store them without encrypting them first. In fact, all communications between our apps and our servers are encrypted using security protocols.

Do you have additional questions about the security of Wave? Please contact us. We’d be happy to tell you more about the many steps we take to ensure the security of your sensitive information.

For US Businesses

Wave Advisors If you use our Wave Advisors professional services, these terms apply.

Wave Payments If you use Wave Payments, these terms apply.

Wave Payments Customers If you’re paying an invoice through Wave’s platform, these terms apply.

Wave Payroll If you use Wave Payroll, these terms apply.

Wave Subscription Services If you subscribe to Wave’s Pro Plan or receipt scan feature, these terms apply.

Developer API Including but not limited to developer.waveapps.com, api.waveapps.com.

Stripe If your processing of credit card payments is powered by Stripe, you’re bound by their Terms of Service.

For Canadian Businesses