We take careful measures to ensure that your coins are as safe as possible.
Security of funds and user information is our top priority. Our security team is continually improving our end-to-end security measures, improving auditing processes, and reducing the 'attack surface' of our infrastructure. Please note that we cannot disclose too many details of the security measures implemented on the platform for security and proprietary reasons.
User Account Protection
2-Step Verification on All Accounts
In addition to your username and password, you'll enter a code from your mobile phone (Google authenticator) or email, adding an extra layer of security for your account.
Advanced verification tools to monitor the integrity of your account
Login data is saved and analyzed for unusual activity.
Intelligent system detects IP Address changes to prevent session hijacking.
Email notifications report logins for malicious activity.
Limit access to your account based on IP address.
Security system monitors withdrawals by IP address and other user behavior patterns, triggering manual admin inspection on withdrawals that appear unusual.
Encrypted email communication (TLS) adds an extra layer of privacy and security.
We hash passwords stored in the database using PBKDF2 algorithm with a SHA256 hash
Our website traffic runs entirely over encrypted SSL (https).
Wallets (and private keys) are stored using encryption.
Application credentials are kept separate from the database and code base.
We rate limit a variety of actions on the site (login attempts, etc).
We use SQL injection filters and verify the authenticity of POST, PUT, and DELETE requests to prevent CSRF attacks.
Always up-to-date Linux systems to host the platform
Our servers network is protected using always up-to-date software and the best possible practices.
Automatic backup of the database once a day
Once a day, the database of the platform is backed up, encrypted and compressed as an archive.
Protection from DDoS attacks
We are protected by automatic Distributed Denial of Service protection to ensure that trading cannot be halted by outside attacks.