Platform & app security
Frequently asked questions
How is my sensitive data stored?
Your data is securely stored at all times. Data from Ibotta apps is encrypted in transit using Transport Layer Security (TLS) and is encrypted at rest using various hardware and software protections. Sensitive data is stored in continuously hardened infrastructure which is monitored for threats 24/7, and regularly reviewed and penetration tested by security professionals. In simpler terms, we take your security very seriously.
Do you share my information with third parties?
What should I do if I think my Ibotta account was hacked?
If you believe your account might have been compromised, immediately contact our Ibotta Care team. We can help restore access to your account.
Is it safe to link my loyalty account?
When you link your loyalty account, your data is secured using the same protections as other parts of our app. We only receive data about the items you purchase and where you purchased them. We do not receive and cannot access any personally identifiable information associated with your loyalty account other than your loyalty account login information (which you provide to us when you link your account).
How can I protect my Ibotta account?
There are a number of ways to protect your account and stay safe online:
- Keep your passwords safe — don’t share them with anyone.
- Mix it up — make sure that your password includes numbers, capital letters, and special characters. Don’t use the same password for multiple services or apps.
- Secure your account with a phone number — navigate to Account > Settings > Verify Device to add a phone number to your account. We’ll send you a text message to make sure it’s you if we detect suspicious activity and before you withdraw cash.
- Enable extra security — in Settings, enable features like Face ID to protect certain settings and features such as Pay with Ibotta.
How can I disclose a security vulnerability to Ibotta?
We recognize the important role of security researchers in helping keep our community safe. If you believe you’ve discovered a bug in Ibotta’s security, please let us know as soon as possible via our bug bounty program — our security team will rapidly investigate and respond as quickly as possible to your report. Note that this program is for software security researchers only. If you have a question or issue with your account, please contact Ibotta Care.