Serious security

When you trust us with your data, we’re committed to keeping it safe.


Ibotta operates a robust security program based on established security frameworks, such as NIST 800-53 and the SSAE 18 Service and Organizational Controls Trust Criteria (SOC 2). In addition to annual security reviews by third-party assessment teams, we have a dedicated security and privacy team to continuously monitor our platform to ensure security protections are operating effectively, including access control, encryption, vulnerability testing, privacy protections and additional safeguards. We also maintain a bug-bounty program, for independent security researchers to test our platform and submit issues for review and mitigation. Rest assured, the security of your information is important to us.
Girl on computer


When you trust us with your data, we have a responsibility to protect it — and we do so with strict access controls, data policies, and regular audits. In addition to securely storing data we collect about you, we do not sell or share your data that identifies you personally, and we only use your personal information as outlined in our Privacy Policy. In addition, we comply with all applicable laws and regulations pertaining to data privacy and security. Review our Privacy Policy for more detailed information.

Platform & app security

We safeguard your Ibotta experience with industry-standard protections. Your data is securely encrypted at all times using both software and hardware protections. When you secure your account with a phone number and opt in to our SMS service, we’ll send you a text to verify it’s you before allowing withdrawals from your earnings or access to payment features.
Financial security
AICPA / SOC badge

Ibotta is committed to keeping your data secure and has successfully completed the SOC2 type 2 assessment.

Frequently asked questions

Have more questions?

We’re here to help. Visit our Help Center for frequently asked questions or to get in touch with our Ibotta Care team.