Is chase.com legit?
Chase.com is a highly trusted website, which is expected for a major financial institution. While there are a couple of minor technical and transparency points, the core security, longevity, and operational practices are exceptionally strong.
Finance average: 80/100 · based on 48 sites
Checked: April 18, 2026 at 7:45 AM UTC · Refresh
Is chase.com a scam? Here's what we found.
The site exhibits robust security, leveraging TLS 1.3, HSTS, and a Content Security Policy. The presence of hidden elements is an unusual flag for a bank, but the absence of Google Web Risk threats is reassuring.
With a domain age of nearly 31 years and clear registration via MarkMonitor Inc., Chase.com's identity is unequivocally established. This longevity is a hallmark of a reputable, enduring organization.
The high Tranco rank, clean DNS blacklists, and long domain history firmly cement Chase.com's reputation as a legitimate and widely recognized entity in the online space. The lack of a Trustpilot profile is not a negative for a company of this scale.
Chase.com provides clear contact information, readily accessible privacy and terms pages, and a strong social media presence across five platforms, signifying a commitment to user transparency. The basic branding is a minor stylistic note rather than a trust issue.
The presence of comprehensive privacy policies and terms of service pages demonstrates Chase.com's adherence to essential legal and compliance standards. This is critical for a financial institution handling sensitive customer data.
The site benefits from a well-configured infrastructure, including multiple IP addresses, robust email authentication (SPF, DMARC), and a proper sitemap. The unsigned DNSSEC is a slight technical omission, but the overall setup is solid for reliable service.
Signals Detected
This is a well-known, high-traffic website
No structured data markup found
This business has no Trustpilot presence — not unusual for smaller or newer companies
Domain created 1995-10-11T04:00:00Z (30 years, 11 months ago)
Registered through MarkMonitor Inc.
Expires in 539 days
DNSSEC status from WHOIS
Resolves to: 146.143.141.57, 146.143.13.57, 146.143.83.57
Mail servers: cluster14.us.messagelabs.com., cluster14.us.messagelabs.com., cluster14.us.messagelabs.com., cluster14a.us.messagelabs.com.
Domain has SPF email authentication configured
Domain has DMARC email authentication configured
DNS providers: ns05.jpmorganchase.com., ns0119.secondary.cloudflare.com., ns0140.secondary.cloudflare.com., ns06.jpmorganchase.com., ns2.jpmorganchase.com., ns1.jpmorganchase.com.
Excessive hidden content found — may indicate cloaking or deceptive content
Not found on any DNS blacklists
Valid certificate, expires in 146 days
Certificate issued by DigiCert Inc
Connection uses TLS 1.3
robots.txt has 148 directives and references a sitemap
Site has a favicon but no social sharing metadata
Site enforces HTTPS via HSTS
Site has Content Security Policy configured
X-Frame-Options: SAMEORIGIN
No threats detected by Google Web Risk
Site maintains a proper sitemap with 5875 indexed pages
Website is live and responding
Website appears to have contact information
Website has both privacy policy and terms of service pages
Website links to multiple social media platforms
Could not query Wayback Machine
Could not query certificate transparency logs
Fast page load
Embed This Badge
Stay Safe Online
Good habits to protect yourself, no matter the scan result.
Never reuse passwords across sites.
Add a second layer of security to your accounts.
Always verify unfamiliar stores before entering payment info.