Security

Last Update: April 23, 2026

Currency-Exchange.app is built for teams that rely on accurate, available, and protected currency data. We use layered security controls across transport, access, monitoring, billing, and support workflows.

Encryption

• API and dashboard traffic is served over HTTPS with modern TLS.
• Sensitive account and billing workflows are protected through trusted payment and auth providers.
• Secrets and credentials are restricted to the systems and team members that need them.

API Key Controls

• API keys are designed to be rotated, revoked, and separated by environment.
• Usage limits, account state, and billing status are enforced to reduce abuse risk.
• Customers should never commit API keys to public repositories or frontend-only code.

Monitoring and Abuse Prevention

We monitor service health, API errors, traffic patterns, authentication events, and unusual usage. Logs are used to troubleshoot issues, protect customers, and investigate suspected abuse.

Vulnerability Management

Dependencies and code changes are reviewed for security impact. We patch known vulnerabilities in a timely manner, keep production configuration under version control, and use deployment practices designed to reduce accidental exposure.

Data Minimization

Currency conversion requests should contain only the data needed to return a rate or converted amount. Do not send passwords, card numbers, protected health information, or other sensitive payloads to conversion endpoints.

Account and Data Deletion

You can request account deletion through our delete your data page. Some billing, tax, fraud-prevention, or security records may need to be retained as described in the Privacy Policy.

Security Contact

Please send security inquiries or vulnerability disclosures to security@currency-exchange.app. Include enough detail for us to reproduce the issue, and avoid accessing customer data or disrupting the service during testing.