At StashAway, we take security seriously and strive to ensure that while we focus on customer experience, usability and product reliability, it is secured as well. However, nothing is perfect and we encourage the reporting of suspected vulnerabilities or weaknesses in our IT services and systems through our Vulnerability Disclosure Programme (VDP).
You can find more information on how to report here.
Please also note that the VDP does not authorise or permit the taking of any action which may contravene applicable laws and regulations (e.g. Computer Misuse Act). For the avoidance of doubt, attempts to exploit or test suspected vulnerabilities (e.g. gaining unauthorised access to any computer program or data) are prohibited.
StashAway Hong Kong Ltd. is a licensed corporation (CE No. BQE542) under the Securities and Futures Ordinance in respect of Type 1 (Dealing in Securities), Type 4 (Advising on Securities) and Type 9 (Asset Management) regulated activities.