Algbra
SC Ventures makes strategic investment in Algbra, establishes partnership with its UK sustainable finance platform Shoal

We operate a policy of responsible disclosure whereby we work closely with security researchers to ensure any potential vulnerabilities submitted to us are reviewed and remediated as soon as possible.

If you believe you have identified a security vulnerability in one of our products, services, applications or systems, then we would love to work with you to fix it as quickly as possible.

When to report a security vulnerability?

If you think you have identified a security vulnerability that affects Algbra systems and/or customers then you should submit a report as soon as possible. 

Guidelines

We request that all researchers follow the straight forward guidelines below:

  • Do not publicise the vulnerability without our explicit approval
  • Do not access customer or employee personal information or any Algbra confidential information. If you accidentally access any of these, please stop testing and submit your report immediately.
  • Stop testing and report the issue immediately if you gain access to any nonpublic application or non-public credentials.
  • Do not degrade the Algbra Platform (e.g., Denial of Service), customer experience, disrupt production systems, or destroy data during your research.
  • Do not run automated vulnerability scans - we have the capability to do this ourselves.

What information should you provide in the report?

The more information you are able to provide, the faster we will be able to respond and remediate ant potential vulnerabilities.

The below information is a loose template we ask researchers to follow when reporting vulnerabilities:

  • Your name
  • Date and time of discovery
  • Your number, if you are comfortable providing it
  • Technical details of the vulnerability
  • Raw HTTP requests and responses where appropriate. Any timestamps that would help us correlate logs would be useful
  • Clear and concise step-by-step guide to allow for validation. Attach any screenshots or videos to the email or via a private storage account. Do not upload any attachments to public storage websites

Reports that are out of scope and that are unlikely to facilitate a response:

  • Reports that are not actual security vulnerabilities (e.g., forgetting your password is not a security vulnerability)
  • Spamming, social engineering, or phishing attacks
  • Accessible, non-sensitive files or directories (e.g., README.txt, robots.txt, etc)
  • Fingerprinting / banner / version disclosure of common applications and/or services
  • Username / email enumeration by bruteforcing or by inference of certain error messages - except in exceptional circumstances such as the ability to enumerate phone numbers by incrementing a variable

Now that you’ve read the above, here’s how you can contact us:

Send through your report to responsible-disclosure@algbra.com

Algbra Logo

Balancing the equation

Apple App StoreGoogle Play Store

For customers who joined Algbra before 22 July 2024: The e-money in your Algbra account is currently issued by Modulr FS Ltd, a company registered in England and Wales with company registration number 09897919 and registered address at Scale Space, 58 Wood Lane, London, W12 7RZ. Modulr is regulated by the Financial Conduct Authority (FCA) for issuance of electronic money with FRN 900573. As of 23 September 2024, or earlier if you accepted Algbra’s updated terms before this date, the e-money issued to your Algbra account is issued by Algbra Group Limited, which is a private limited company registered in England and Wales with company registration number 12629086 and registered address at Squire Patton Boggs (UK) LLP (Ref: CSU) No.1 Spinningfields, Hardman Square, Manchester, England, M3 3EB. Algbra is authorised and regulated by the Financial Conduct Authority (FCA) under the Electronic Money Regulations 2011 with FRN 952360.

For customers who joined Algbra on or after 22 July 2024: The e-money issued to your Algbra account is issued by Algbra Group Limited, which is a private limited company registered in England and Wales with company registration number 12629086 and registered address at Squire Patton Boggs (UK) LLP (Ref: CSU) No.1 Spinningfields, Hardman Square, Manchester, England, M3 3EB. Algbra is authorised and regulated by the Financial Conduct Authority (FCA) under the Electronic Money Regulations 2011 with FRN 952360.

For those customers who have ordered an Algbra Card: Your Algbra Card is currently issued by Transact Payments Limited (incorporated and registered in Gibraltar with company number 108217 and registered office of 6.20 World Trade Center, 6 Bayside Road, Gibraltar, GX11 1AA). As of 24 September 2024, or shortly after, the Algbra Card will be issued by Algbra Group Limited (FCA FRN  952360), a Principal member of Mastercard International Incorporated. MasterCard is a registered trademark and the circles design is a trademark of Mastercard International Incorporated.

Algbra Group Limited is a limited company registered in England and Wales with company registration number 12629086.

B CorpPriceless PlanetLiving Wage Employerbank greenGreen Tech Alliance
Flag: United KingdomUnited Kingdom
© 2024 Algbra. All rights reserved.