Security that meets Swiss standards

The Swiss banks involved in TWINT guarantee the strongest possible security and data protection.

    What we do What you can do Data Privacy App Store FAQ Support Download

What we do

Protected access

Protected access

Your TWINT app is protected with a PIN or Touch ID. If you lose your smartphone, you can contact us and have your TWINT account blocked at any time.

Contact us

Secure transactions

Secure transactions

TWINT is as secure as e-banking. The money is not stored directly on the smartphone. All transactions take place in a secure environment.

Comprehensive data protection

Comprehensive data protection

TWINT stores all personal data at a secure location in Switzerland. Good to know: TWINT AG shall never disclose this personal data to business customers and/or third parties without the express approval of customers in the TWINT app.

More information


What you can do

In addition to what we do for the security of your data, you can also make your own contribution. Here we show you some tips and tricks to ensure maximum security.

Send / Receive Money

When you are using the TWINT app to send or receive money:

  • Never validate a ‘TWINT’ payment whose recipient you don’t know. When you receive a request for a P2P payment, don’t validate the payment unless you expect to receive the payment request. Carefully check the recipients’ details so that you are sending the payment to the correct person, and don’t rely on the message field in the payment request, this field is not part of the payment and is used only for communication.
  • When you initiate a P2P payment, use your contact list and check you have the correct details. Use the real name of the person and not a nickname for the payment.
  • If you are not sure you have the correct phone number of a person, ask the person if they can send you a payment request instead of sending money directly to them. That way you can make sure that the money gets to the correct recipient.
  • It is not possible to initiate a P2P payment with a QR code. If you are initiating a P2P payment, you do this via a phone number and recipient name.
  • P2P is meant for private transactions with friends and family. Don’t use it to buy goods and services from unknown sellers. Sellers should offer QR code based payment with TWINT.
  • Never use the ‘Release Money’ functionality to initiate payments.
Regular Review

Remember to regularly review:

  • The default TWINT app and the associated bank account for incoming transfers in case you have multiple TWINT apps and accounts, as it is only possible to receive payments on one account.
  • The list of merchants for whom you have saved TWINT as your payment method.
  • Your saved loyalty membership cards. Make sure these are updated and that the details are correct.
Online Shopping

When you are shopping online:

  • Make sure you’re on the right online shop by carefully checking the domain name.
  • The send/request money feature of TWINT is meant for private transactions with friends and family only. If you want to use this feature to buy goods or services, especially from people you don’t know and who aren’t present like sellers on classified ad platforms, please be aware you might lose your money because of fraud.
  • Don’t supply any details or information on websites that are untrusted.
  • Always protect your usernames and passwords, and never share these with anyone.
  • In case you have multiple TWINT apps installed on your phone, make sure you’re selecting the right app to make the payment when the phone switches from the online store to the payment application.
Additional Tips

And finally remember, as a TWINT user:

  • TWINT will never ask you for personal information, financial information or passwords via email, SMS, phone or mail except for identification by the support.
  • TWINT will never send you unsolicited emails or SMS with links and ask you to log into your account unless you have not yet downloaded the TWINT app and someone wants to send you money.
  • TWINT is only available as an application for iOS and Android, there is no web portal for the TWINT app.
  • Don’t allow anyone to ‘stress’ you with demands like, ‘unless you pay now, you will receive a fine or be charged a fee’. For example, scammers may use current events, emergency or political situations to contact you and ask for payments.
  • Only download the TWINT app from the Apple app store or the Google Play Store.
  • Report suspicious emails and spam you receive in your inbox.
  • If in doubt, contact the local authorities or police.

Data Privacy

TWINT attaches great importance to data protection and transparency. We would like to take this opportunity to provide users with a brief explanation of what data we store and for what purposes it is used. The GTCs accepted upon installing the app are legally binding.

Find out more


App Store

The App Store now includes specific categories on the topic of data protection. TWINT has consciously interpreted the category definitions requested by Apple in a broad manner in order to be as transparent as possible for users. However, only the data required to use the app and to make transactions will be used, as explained below:

Purchased items
‘Purchased items’ refers to statement entries that are displayed in the TWINT app. The content is restricted to the actual transaction overview. TWINT ‘sees’ neither the shopping basket nor any other data and thus cannot collect this information.

Financial information
‘Financial information’ refers to the data required to process a TWINT transaction (so that the counterparty knows which account has to be charged or credited). This data is processed by TWINT albeit in a manner that ensures the data is masked out (see also ‘Identifiers’) in order to guarantee maximum data privacy. At no time whatsoever do parties other than the bank that released the respective TWINT app have access to or can view account-specific information.

Location sharing
‘Location sharing’ must be enabled for all applications that use Bluetooth (payments via Beacon are carried out with the aid of Bluetooth). In theory, the location can be identified from the position of the Beacon, but it is not saved or reused by TWINT.

User content
‘User content’ refers to the content created by the user and sent within ‘send and receive money’ transactions (e.g. text or an image).

Browser history
‘Browser history’ comprises solely the activities required to execute transactions while using TWINT+ in the smartphone browser. No other general browser data is collected beyond that.

Identifiers
‘Identifiers’ refer to TWINT-specific user identifiers (ID). A unique ID is created for every TWINT user upon registration and this is then used to regulate access to the TWINT account. These IDs allow TWINT to implement maximum data privacy, as they ensure that personal data does not have to be used.

Diagnostic/usage data
‘Diagnostic’ data consists of operational data, such as the response time of an app, communication times with the server, and the data that is recorded in the event of an error (e.g. in the event that the app crashes). This data is used to identify errors and to optimise the TWINT app accordingly. The same also holds true for ‘usage data’ that allows us to optimise the app. This data is also solely operational data concerning the processes within the app (e.g. how quickly a registration process is carried out, whether interruptions will be caused, etc.).


FAQ

Have you forgotten your TWINT PIN / your TWINT password or would you like to receive more information about security of the TWINT app? Please visit our FAQ area.

To the FAQ


Support

Do you need help to solve a problem or do you have general questions about the security of TWINT? Contact the support of your TWINT app.

All contact details

Download the TWINT app now

It does not matter who you bank with: TWINT is available to everybody. Ideally, you should select the TWINT app of a bank with which you have an account. This will allow you to link the app to your bank account.