Our contribution to your safety (UK)

Your password is a virtual key to access your Raisin UK account. All you have to do is enter your email address associated with your account at Raisin UK and your password between 8-64 characters.

Choose a strong password for your Raisin UK Account. If you prefer, you can use a password manager to set and save a random and complex password.

We use industry best standards to encrypt all traffic. This helps to stop unauthorised persons gaining access to your data.

When entering your personal data on r Raisin UK, your data is encrypted with SSL (Secure Socket Layer). This encryption is recognised by an “s” after the “http” at the start of a URL.

All customer data is stored and encrypted according to industry best practices.

A mobile verification number is required to authorise orders and transactions in your Raisin UK online banking environment. When you initiate an order or transaction, a mobile verification number code is generated and sent by SMS to your mobile phone. You can then enter it to confirm the order.

We use advanced bot-protection mechanisms to secure our login and other public-facing forms against automated attacks and abusive activity.

These mechanisms run in the background and help verify that requests originate from real users rather than automated programs, without requiring intrusive challenges such as image puzzles. As a result, processing may occasionally take a little longer, particularly on slower devices or networks.

To further protect your account, we use device intelligence and fraud-detection mechanisms.

By analysing technical information about your device and connection, we can recognise trusted devices, detect unusual or high-risk activity, and apply additional security measures where necessary, such as one-time passwords.

After 15 minutes of inactivity, you will be automatically logged out of your Raisin UK online banking environment. Time remaining until automatic logout is displayed on each page. If you want to continue in your Online Banking environment, you must log in again.

We have deployed Defence in Depth Architecture using a network firewall, web application firewall, DDoS protection layer, and a content delivery network. We have strict network segmentation and isolation of environments and services in place.

We have implemented an Internal Control system aligned with industry-standard security controls that helps us protect all our customers’ data in a highly secure manner. We are audited by external certified auditors from a reputed firm for an SOC 2 Type 2 and ISAE 3402 Type 2 audit.

We go through a Privacy Certification Audit every year from reputable third-party auditors. We have implemented industry-standard best practices to ensure the privacy of our customers’ data. Customer data is hosted within the European Union.

Raisin maintains a dedicated in-house security team that leverages industry-leading tools and advanced methodologies to execute comprehensive manual and automated Vulnerability Assessment and Penetration Testing (VA/PT) across critical assets.

To ensure comprehensive coverage and an external perspective, we engage third-party penetration testing firms to conduct in-depth security audits of our web applications, mobile applications, APIs, and network infrastructure.

Additionally, we conduct Red Team engagements to simulate real-world attack scenarios, identify gaps in our defences, and enhance our detection and response capabilities.

We maintain a multi-layered cloud security framework that incorporates best practices for identity and access management (IAM), data encryption, network segmentation, and continuous security monitoring. Our cloud environments are regularly assessed for misconfigurations and compliance with industry standards.

Raisin UK partners with banks and building societies located in the UK and, in some instances, the European Economic Area (EEA).

Deposits made with our UK-based partner banks and building societies are covered by the Financial Services Compensation Scheme (FSCS), which protects deposits up to £120,000 per person, per bank. Your Raisin UK Transaction Account, provided by ClearBank, is also FSCS protected.

Banks based in the European Economic Area (EEA) are covered by a national deposit guarantee scheme in accordance with EU Directive 2014/49/EU. Under this directive, each country is required to operate a deposit guarantee scheme that protects eligible deposits – including accrued but not yet credited interest – up to €100,000 per depositor, per bank, or the equivalent in the local currency. This protection applies regardless of the EEA country where the bank is established.

We at Raisin are committed to our customers' data and privacy. We incorporate a variety of measures throughout our website to ensure our systems remain secure. Our overall data and privacy security allows us to defend our systems from smaller security issues to large-scale attacks.

If you are a security enthusiast or a researcher, and you have found a possible security vulnerability on Raisin, we encourage you to report the issue to us responsibly. You can submit a bug report to us via our Vulnerability Disclosure Program, with detailed steps required to reproduce the vulnerability.

If a bug is reported to us by you in this manner, we shall put our best efforts into investigating and fixing any legitimate issues in a reasonable time frame. In the rare instances where this might happen, we would request that you not publicly disclose your reports until we have had a reasonable opportunity to identify and remediate the issue and confirm this to you.