Comprehensive security framework
Wix’s corporate security mindset and strategy are guided by our three-pillar security approach. This framework helps ensure thorough protection of data confidentiality, integrity and availability.
Wix stays at the forefront of threat prevention. We thoroughly incorporate security into our platform, giving sites a safe foundation and protection from the get-go.
At every step of the development process, we use security best practices—like design and code reviews, threat modeling and penetration tests—to ensure a safe platform.
Safe Data Encryption
Our data in transit encryption uses HTTPS, TLS 1.2+ and automatic SSL, while data at rest uses AES-256. Our high-security PCI environment uses a FIPS 140-2-certified HSM.
Secure Payments & Anti-Fraud
All Wix sites are compliant with the highest Payment Card Industry Data Standards, supported by anti-fraud protection, to safeguard payment info and protect transactions.
Third-Party Risk Management
To help protect client and site safety in working with third-party services, Wix operates a strict TPRM Program to ensure vendors align with our security standard.
We’re committed to your privacy and data protection—and that of your customers. Wix is compliant and certified with the highest international privacy and security regulations, including Soc 2 Type 2, PCI DSS Level 1, several ISOs, GDPR, CCPA and LGPD.
Physical data security
We’re hosted by world-leading DC providers AWS, Google Cloud Platform and Equinix, which all comply with the highest industry standards for physical, environmental and hosting controls.
The Wix Bug Bounty Program
When it comes to our users’ safety, we go the extra mile. Wix invites independent security researchers to try and “hack” our platform for a reward, collaborating with some of the world’s best in the field to identify and address platform vulnerabilities—early and proactively.
Our account security features give users extra protection and capabilities.
Our security culture
“We’ve created a team of the best infosec people, coupled with high-end technology and robust processes, to manage data and flows at a large scale and always keep our eye on the ball.”
Israel Rachmani, CISO at Wix
Our world-class experts work around the clock to provide users with state-of-the-art security for their sites and data. The team maintains defense systems, conducts security reviews and provides consulting to product teams in order to help create a secure online environment.
As part of our commitment to keep users' information safe and secure, employees undergo both general and role -specific security training. From emerging threats to phishing awareness, we keep personnel informed and up to date with the current security landscape.