If you believe you have discovered a security vulnerability in Nuvei’s or any of its subsidiaries’ products or websites, please continue reading on how to submit a report to our security teams to investigate.
While we greatly appreciate community reports regarding security issues, at this time Nuvei does not provide monetary compensation for automated vulnerability reports.
Any security bugs or vulnerabilities that can be successfully shown to compromise the confidentiality, integrity, or availability of information relating to our clients and our secrets may be considered for compensation.
Any vulnerability or potential vulnerability you discover may not be disclosed publicly or to any 3rd party.
The following tests are prohibited and will be subject to notification of law enforcement.
Automated tests of any kind including but not limited to:
Do not attempt to conduct post-exploitation, including modification or destruction of data, and interruption or degradation of Nuvei services.
Do not attempt to target Nuvei employees or customers using methods of social engineering, phishing, or physical attacks.
Non-qualifying security vulnerabilities include but are not limited to: