We have applied the best techniques to guarantee our clients that they trade in a safe environment.
How assets of clients are secured
Our platform applies the well-arranged cyber-security framework to guarantee that all the implemented techniques will protect the assets of our clients. To make sure that the framework is effective, we take regular stress tests and conduct security audits. That’s why, today, we can guarantee that the system that protects your funds corresponds to the highest security levels.
To protect the assets of our clients, our platform applies these instruments:
- 2FA (provided by Google Auth) to make sure that nobody except for the profile owner can enter it.
- Mandatory Bitcoin address whitelisting feature
- Cold storage of digital assets with Multisignature technology
- Hardware security modules with rating of FIPS PUB 140-2 Level 3 or higher
- Full risk check after every order placement and execution
- Encrypted SSL (https) to encrypt website traffic and make sure that it’s safe for users.
- We encrypt all types of sensitive data and hash passwords cryptographically by the bcryp feature.
- Cloudflare to prevent distributed denial-of-service (“DDoS”) attacks.
- Regular tests and check-ups by our technical team.
- On-going and IT security assessments are executed to keep up to date with new potential vulnerabilities.
Our environment is hosted on Amazon Web Services (“AWS”).
The trading software of our platform was developed by the best PrimeXBT specialists to make sure that the platform corresponds to the exclusive quality levels. The specialists minimized latency by coding every system uniquely. Plus, this approach helps the engine to execute the orders of the participants much faster. All threats related to buying power, buying power factor, maximum position size, P/L loss thresholds, and odd lot allowance, are constantly monitored by the system. The engine also checks the risks of every order after it’s placed. These innovative features make our software one of the most state-of-the-art solutions in the industry of online trading.
Safety of the client’s wallet
Cold Storage is the offline storage system where we store the digital assets of our clients. There is also a Hot Wallet, which is online storage, but it’s applied to store a small fraction of digital assets.
The wallets of our clients are protected against attacks and tolerance for losing access to a key with the Multi-signature access technology. Besides, we guarantee safe transactions from Cold Storage to Hot Wallets because such operations involve our specialists who execute them in a well-coordinated manner.
A two-step verification (or dual-factor authentication) is a safety measure that protects the data of users by applying two different authentication factors. It’s much safer than single-factor authentication, which requires only a password. It’s almost impossible to hack accounts where users have to pass the verification through 2 factors.
In addition to being highly effective, 2FA is simple to set up. That’s why we strongly recommend all our clients enable this security measure right after the creation of a new account. Our 2FA engine also applies a TOTP solution. This means that in order to verify oneself, the user will have to do this through a Google Authenticator app. This method has more layers of security than SMS dual-factor authentication.
In order to activate 2FA, you have to take the steps below:
- Download the Google Authenticator app for either iOS or Android
- Go to the System Preferences menu
- Click the ‘Enable GA’ button in the Google Authenticator section
- Backup your secret key and confirm it by clicking on the box next to ‘I backed up a 16-digit code
- Confirm the setup by entering the PIN code generated by 2FA
2FA is applied when you request a withdrawal. You will be required to enter a code from Google Authenticator.
You can deactivate this function. To do this, please, contact our support team.
Withdrawal address whitelisting
You can add the additional level of your account protection by activating the crypto Address Whitelisting features.
This way, you will create a whitelist of addresses, to which the withdrawals might be executed. All the other requests will be denied by the system. This means, that unauthorized users won’t be able to transfer your digital assets to addresses that aren’t included in your whitelist.
To activate this feature, please, follow the steps below:
- Go to the Account section and choose Withdraw menu
- Click the “Destination address” dropdown menu. Next, click ‘Add new address
- In the pop-up window fill up the label and the Bitcoin address you are willing to use for withdrawals. Press ‘Add’ to continue.
- Now you need to go to your email inbox. You will receive an email with a confirmation link. Click on it to whitelist the address. Please note that the link is only active for an hour.
- The BTC address you confirmed will be added to the Whitelist and withdrawal of funds will be possible only to that specific address.