Security
Last updated: January 15, 2026
Security is the foundation of Trust Wallet Card. Our decentralized, non-custodial design ensures your assets remain under your full control at all times.
Security Architecture
256-bit AES Encryption
All communications are encrypted with AES-256 both in transit (TLS 1.3) and at rest. Card numbers are tokenized and never stored in plain text.
Biometric Authentication
Face ID, Touch ID, and fingerprint authentication protect access to your card and transaction approvals.
Non-Custodial Security
Your funds remain in your own wallet at all times. We never hold, pool, or have access to your cryptocurrency assets.
Decentralized Architecture
Smart contracts handle transactions autonomously on the blockchain, eliminating single points of failure and central authority risks.
Certifications & Audits
CertiK Audited
Smart contracts and infrastructure regularly audited by CertiK, a leading blockchain security firm. All reports are published publicly.
SOC 2 Type II
Independent verification of our security, availability, and confidentiality controls over a 12-month audit period.
ISO 27001
International standard for information security management systems, certifying our comprehensive security framework.
Open Source
Our smart contract code is open source and publicly verifiable, ensuring full transparency of our security model.
Non-Custodial Design
Trust Wallet Card operates on a fully non-custodial model. Your cryptocurrency remains in your own wallet at all times. We only access the exact amount needed at the point of sale through a secure, time-limited smart contract authorization. We never hold, pool, or have custody over your assets.
Bug Bounty Program
Report a Vulnerability
We maintain an active bug bounty program with rewards up to $100,000 for critical vulnerabilities. Responsible disclosure reports should be submitted through the Trust Wallet app. We commit to acknowledging reports within 24 hours.