Credit Karma goes the extra mile when it comes to the safe-keeping of our members’ personal information. We use 128-bit or higher encryption to protect during the transmission of data to our site and encrypt data at rest. If we suspect any suspicious activity on your account then we’ll alert you as soon as possible. Plus, for additional protection, you can turn on SMS two factor authentication for our website.
We have a dedicated security team that investigates and responds to issues as quickly as possible.
External Security Assessments
We work with independent third-parties who regularly assess our site for vulnerabilities. Plus, our external bug bounty program rewards independent security researchers if they report detected security issues.
External Security Auditing
Credit Karma, Inc. reviews its online credit management services and systems as well as supporting technologies for ISO27001 (certification details here), and compliance with SOC 1/2.