As online scams become more common and more sophisticated, we’ve taken extra precautions to protect you and your customers. Learn about HitPay's security features and the steps you can take to keep your account safe.

Protect your HitPay account in just 4 steps

Here are 3 essential steps you can take to keep your account secure:

1) Set up 2-Factor Authentication (2FA) on HitPay

2FA is an additional login step to verify it’s you signing in. This protects your HitPay account in case someone learns your password.

Follow this step-by-step guide to enable 2FA. You'll need either the Google Authenticator or Microsoft Authenticator app.

Once 2FA is active, enter the 2FA code from the authenticator app when you log in to HitPay.

Download links:
Google Authenticator on Google Playstore or Apple App Store
Microsoft Authenticator on Google Playstore or Apple App Store

2) Review your account password

Set a unique password you’re not using elsewhere and keep it confidential. Use a mix of letters, numbers, or upper and lowercase characters to improve your password security. If you suspect your account has been compromised, change your password immediately.

3) Review the security of your WiFi network and device

Avoid using public computers and WiFi networks to access your HitPay account. Always use a mobile device or computer you trust. Ensure you’re running the latest operating system and browser version. To be more secure, install an updated anti-virus solution.

4) Be careful of impersonators

Scammers may pretend to be HitPay in an attempt to phish for your login details. Always check that the sender is from HitPay's verified channels, especially before clicking on a link.

HitPay – Verified channels

• HitPay website: https://www.hitpayapp.com/

• Newsletter: Sent from aditya.haripurkar@hit-pay.com

• HitPay Support email: support@hit-pay.com
  All emails from the HitPay team come from the domain 'hit-pay.com'

• HitPay WhatsApp: +65 98644718 and +65 89518262

HitPay Support agents will never ask you for:

• Your HitPay account password. If we need to investigate any issues with your account, we'll only ask for your email address

• The OTP generated by an authenticator app

• Your personal or financial information like identity card numbers, bank account numbers, or credit/debit card information

• Remote access to your computer. We'll never ask you to download any remote control software through WhatsApp, email, or on the phone

Please inform us immediately if you:

• Receive an SMS or email alerts for transactions not done by you

• Notice any unusual or unauthorised transactions in your account

• Suspect any fraud or impersonation, including any loss of your security details or account information

How HitPay keeps your account safe

We test and vet our security rigorously
We perform regular independent audits of cybersecurity threats following local regulatory requirements.

Built by experienced banking and payment professionals
We partner with leading payment infrastructure providers and banking networks to ensure merchant transactions are processed securely and paid out on time.

Secure transactions to protect your data
We host our payment checkout page on Transport Layer Security (TLS) hosted servers with built-in payment tokenisation and encryption features.

Our credit card payment gateway is certified PCI - DSS compliant — a security standard for organisations that handle credit and debit card information. We partner with Stripe for payment security and fraud detection infrastructure.

We secure our website with a 128-bit Extended Validated Secure Socket Layer (SSL). Under SSL encryption, all information you key in on the site is protected and confidential.

Contact HitPay Support for help with potential issues:

• HitPay Support chat box (replies from 9AM – 6PM SGT)

• Email: support@hit-pay.com (replies within 1-2 business days)

Our website chat box can be found on the bottom-left corner of the HitPay website