Download App

Built with security at its core

Introduction

At Switch Hub, keeping your money and information safe is a core part of how we operate, protecting your personal and account information is a priority.  We use layered security controls to protect accounts, monitor activity, and quickly identify unusual logins or transactions.

We have been delivering secure payment services with a strong focus on trust and reliability while maintaining ongoing security and compliance oversight.

Your security is built into our platform — not added as an afterthought.

 

  1. Identity protection

We carefully collect relevant information to help prevent identity theft and fraud. Account access is protected through passwords, multi-factor authentication, security questions, and automatic time-outs.

Biometric Data at Switch Hub

 

What is Biometric Data?

 

Biometric data refers to unique physical or biological characteristics that can be used to verify an individual’s identity. This may include facial scans, fingerprints, voice patterns, or similar identifiers. At Switch Hub, biometric data is used solely to confirm your identity so we can securely provide our products and services through our platforms, applications, and APIs.

 

How Switch Hub Collects Biometric Data

 

When you create or verify a Switch Hub account, we may request certain biometric information as part of our identity verification process. This data is collected and processed through approved third-party verification providers. Switch Hub will only collect biometric data with prior notice and your explicit consent.

 

How We Use Biometric Data

 

Biometric data is used strictly for identity verification and fraud prevention. It is compared against the identification details you submit during onboarding to confirm that you are the rightful account holder.

 

Data Security

 

Switch Hub applies appropriate technical and organisational safeguards to protect biometric data against unauthorised access, misuse, or disclosure. We require our service providers to meet equivalent security standards.

 

Sharing of Biometric Data

 

Switch Hub does not sell, rent, or trade biometric data. We only share it with trusted service providers where necessary to deliver our services. Disclosure may also occur where required by law, regulatory request, or a valid court order.

 

Data Retention

 

Biometric data is retained only for as long as necessary to support your active relationship with Switch Hub and to meet applicable legal and regulatory requirements. You may request correction or deletion of your biometric data, subject to mandatory retention obligations.

 

After Account Closure

 

Following account closure, biometric data may be retained for the legally required retention period applicable to your jurisdiction, starting from either account registration (if no transactions occurred) or account closure (if transactions occurred). Once retention obligations expire, the data is securely deleted .

 

  1. Fraud prevention

We apply ongoing monitoring across registrations, logins, and transactions to identify suspicious activity. Our fraud systems use a multi-layered approach to detect and prevent threats such as phishing, malware, and fraudulent applications targeting our customers.

 

Scams & Fraud Awareness

 

Scams are becoming increasingly sophisticated, often relying on social engineering—techniques used to manipulate individuals into sharing confidential information or taking harmful actions. Scammers may research victims through social media activity or browsing history before making contact.

If you believe you may have been scammed, contact fraud@switchhub.ca immediately.

 

Our client support resources outline what to do and how we can assist

Common Types of Scams we want you to know

 

Investment Scams


Scammers promote fake investment opportunities promising guaranteed or unusually high returns. These schemes often appear professional and credible. Examples include; Pyramid schemes, Boiler rooms, Cryptocurrency investing, Ponzi schemes, Superannuation


Red flags include unsolicited investment offers, pressure to act urgently, promises of low risk with unusually high returns, or requests to transfer funds to multiple or unfamiliar accounts. Scammers often present themselves as credible and well-informed, using polished materials, data, or forecasts that closely resemble legitimate investment opportunities, making them difficult to detect.

 

Identity Theft


This occurs when a fraudster obtains and misuses your personal information—such as your name, date of birth, address, or identification details—without your knowledge or consent. This often happens after a scam, phishing attempt, or data breach. With this information, criminals may access your accounts, open new accounts or loans in your name, make unauthorised purchases, or take control of your online profiles.

Common warning signs include unexpected or unauthorised account activity, invoices or receipts for goods or services you did not purchase, notifications about new accounts or loans you did not apply for, and loss of access to your email or social media accounts.

 

Phishing or Spoofing

 

This refers to deceptive emails, messages, or phone calls that are deliberately crafted to look as though they come from legitimate and trusted organisations. The goal is to trick individuals into revealing sensitive information such as login credentials, personal identification details, or banking information.

Common warning signs include unusual or slightly altered sender addresses, generic greetings instead of your name, spelling or grammatical errors, and unsolicited requests to verify, confirm, or update your personal or account details.

 

Online relationship scam


This occurs when fraudsters create fake identities on dating websites or social media platforms to build emotional connections with their targets. These scammers often present themselves as trustworthy, caring, or in need of companionship, and may quickly express strong feelings. To reduce oversight, they typically suggest moving conversations away from the platform to private channels such as email, messaging apps, or SMS.

Over time, the scammer gains the victim’s trust and uses emotional manipulation to request money, gifts, or sensitive personal information. These requests are often framed around fabricated emergencies, business opportunities, travel costs, or personal hardship. In some cases, victims may also be asked to receive or transfer funds on the scammer’s behalf, unknowingly becoming part of fraudulent activity.

Common warning signs include rapid emotional attachment, early discussions about finances, inconsistent personal stories or identities, reluctance to engage in video calls, and requests involving money transfers or financial assistance.

 

Invoice Scams

 

This occurs when fraudsters pose as legitimate suppliers or service providers and send invoices requesting payment to new or altered bank account details. These messages often appear authentic and may come from compromised or look-alike email addresses.

Be cautious if a supplier unexpectedly changes their payment details, requests urgent or last-minute payment, asks you to cancel or redirect a previous payment, or if the invoice amount or format differs from what you normally expect.

Payroll Scams


This occurs when fraudsters impersonate employees and request changes to payroll or salary payment details. These requests are often sent from compromised email accounts or email addresses that closely resemble a legitimate employee’s address.

Common warning signs include small variations in the sender’s email address, unexpected or urgent requests to update bank or payment details, and messages that bypass normal payroll or approval procedures.

 

How to Protect Yourself

 

  • Phishing, Identity Theft & Cybercrime
  • Be cautious with emails or messages that seem unusual or unexpected—do not reply or click on links
  • Use strong, unique passwords and enable two-factor authentication on all accounts
  • Regularly review your bank and payment accounts for unauthorised activity
  • Do not open attachments from unknown or unverified senders
  • If you are unsure whether a message is genuine, access your account through your usual website or app, not the link provided
  • Never share identification documents, login details, or verification codes with unverified parties
  • Keep your devices secure with up-to-date antivirus software and firewalls
  • Avoid using public computers or unsecured Wi-Fi to access sensitive information
  • Limit the amount of personal information you share on social media

 

Investment Scams

  • Treat unsolicited investment emails or calls with caution
  • Research thoroughly before investing and seek independent financial, legal, or professional advice
  • Confirm whether the business is licensed and understand how it operates before committing funds
  • Avoid making rushed decisions—legitimate investments allow time for consideration
  • Be cautious with offshore investments, as recovering funds can be difficult
  • Watch for poor spelling, grammatical errors, or unusual website addresses

 

Invoice Scams

  • Always compare invoice payment details with previous records
  • Independently verify any changes to bank details using trusted contact information you already have
  • Limit who can approve payments and introduce additional approval steps for new or high-value payments
  • Assume unexpected payment requests may be fraudulent and verify directly with the supplier

 

Online Relationship Scams

  • Be alert to generic or copied profiles on dating or social platforms
  • Look out for inconsistencies, grammar errors, or changing personal stories
  • Be cautious of any requests for money, gifts, or financial help
  • If a relationship develops online, verify identity through live video calls before building trust

 

Staying informed is one of the most effective ways to protect yourself. If something doesn’t feel right, pause and verify before acting—and contact Switch Hub for support.

 

You’re Not Alone — We’re Here to Help

Falling victim to a scam or fraud can be distressing. If you believe your personal or financial information has been compromised, it’s important to act quickly. Switch Hub is here to support you.

What to Do Immediately

If you think you’ve been scammed or your Switch Hub account may be affected:

  • Stop all communication with the suspected scammer
  • Contact Switch Hub immediately so we can secure your account
  • Review your account for any unusual activity
  • Report the incident to the appropriate authority in your region
  • Take steps to protect your identity

 

How Switch Hub Supports You

When you contact us:

  • A specialist will securely log and assess your case
  • Any suspicious activity will be escalated internally for review
  • We’ll guide you through next steps and keep you informed where appropriate
  • Open communication helps us support you more effectively

 

Additional Steps We Recommend

After contacting Switch Hub:

  • Notify your bank or financial institution
  • Report the incident to your local fraud or cybercrime authority e.g. Canadian Anti-Fraud Centre
  • Place alerts on your credit file to help prevent unauthorised credit activity
  • Inform trusted friends or family to raise awareness

 

Staying Safe Online

  • Use strong passwords and enable two-factor authentication
  • Never share passwords, one-time codes, or security details
  • Keep your devices and software up to date
  • Avoid clicking suspicious links—go directly to official websites
  • Limit the personal information you share on social media

 

Need More Support?

Feeling overwhelmed is normal. Consider reaching out to a trusted person, a local support service, or a fraud victim assistance organisation .

 

  1. Cyber security

 

We take a proactive and rigorous approach to identifying and mitigating security risks. Our security framework aligns with leading international standards, and we continuously strengthen our controls to stay ahead of evolving threats.

 

Cyber Security at Switch Hub

We apply a range of technical and operational measures to safeguard sensitive data, prevent unauthorised access, and deliver a secure online experience for our customers.

 

How We Protect You

Our cyber security controls include:

  • Encryption of customer data and transactions
  • Monitoring and blocking of malicious actors and automated bot attacks
  • Secure software development practices to reduce platform vulnerabilities
  • Regular security testing and risk assessments
  • Strong access controls, including CAPTCHA and multi-factor authentication (MFA)
  • Ongoing training and threat awareness

 

Malicious Activity

We deploy layered controls to detect and prevent malicious activity on our platforms. These include intelligent bot-detection tools to distinguish legitimate users from automated attacks, CAPTCHA challenges, rate limiting to prevent repeated login attempts, and web application firewalls to filter harmful traffic. Our systems are continuously updated to respond to emerging threats.

 

Access Control

 

We maintain strong access controls to protect customer data and system integrity. This includes secure authentication methods such as passwords and MFA, alongside regular reviews of user access rights. Access is restricted based on the principle of least privilege, ensuring individuals only have permissions necessary for their role.

 

Secure Development Practices

 

Our systems are built and maintained using secure development standards. We conduct regular code reviews, automated vulnerability testing, and security scanning throughout the development lifecycle. Developers receive ongoing training to stay current on security risks and best practices.

Security Risk Assessments

We regularly assess security risks to identify vulnerabilities and prioritise remediation. This includes threat intelligence reviews, vulnerability scanning, and penetration testing using recognised industry frameworks. These assessments help strengthen our defences and protect the confidentiality, integrity, and availability of our systems and data.

 

What You Can Do to Stay Secure

 

  • Use strong, unique passwords and consider a password manager
  • Change your passwords periodically
  • Enable multi-factor authentication where available
  • Access your account only through official websites or apps—avoid links in emails or messages
  • Be cautious of phishing or smishing attempts
  • Keep your devices updated with antivirus and security software

Powered by
Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None
Powered by