Legal & Security > Security

Buy and exchange digital currencies easily

Buying cryptocurrencies and exchanging them has never been easier. Choose your favourite cryptocurrency, buy it instantly or exchange it back to EUR and make a withdrawal to your personal bank account.

Our approach to security

In general, we apply different layers of organizational and technical measures to ensure all the threats to which our platform is exposed to are properly mitigated.

Measures are being implemented based on the outcome of a risk assessment and following recommendations of ISO 27002:2013 Information technology — Security techniques — Code of practice for information security management and CryptoCurrency Security Standard.

The platform is designed in accordance with requirements from the General Data Protection Regulation (GDPR) in order to ensure a proper level of personal data protection for our clients.

Organizational measures

Highly secure cold storage with controlled access

One of our main efforts is protecting crypto balances residing on different internal crypto wallets. We are monitoring the balances and the trends in order to constantly keep 98% of crypto assets on a highly secure cold storage with controlled access.

A dedicated team for monitoring

The platform is logging all the actions on the platform, and a dedicated team is monitoring the events in order to detect and respond to any suspicious activities.

Strict operational procedures

Management of cold storage, as well as all other platform support and development operations, are defined in strict operational procedures. The most sensitive operations require the “four-eyes principle”.

Security test

Secure coding principles in combination with regular penetration tests and mitigation of identified vulnerabilities are one of the core elements of the platform security.

In order to make sure that the security controls are sufficient for the ever-changing security threat landscape, a regular risk assessment process is put in place.

Technical measures

Encryption mechanisms

All communication with the platform is encrypted in order to prevent man-in-the-middle attacks and eavesdropping that could potentially expose sensitive data to attackers or other unauthorized users. Encryption mechanisms are put in place to protect sensitive data that is stored on the platform.

Network security

Network security of the platform is ensured by following the network zoning principles that segment the platform networks in a way where the already hardened servers holding the most sensitive data are separated from those with less sensitive data.

Physical security measures

In order to address unauthorized physical access to platform components and cold storages, different physical security measures are put in place. Physical access to servers is secured by the confidentiality of physical location of servers. The location has an access control system, security guards, and other security mechanisms. Hardware wallets distributed in safe deposit boxes are used for cold storage.

DDoS protection system and Web Application firewall

DDoS protection system and Web Application firewall are protecting the internet-exposed part of the platform from DDoS attacks and attacks on potential application vulnerabilities (e.g. SQL injections, file injections, XSS, etc.).

24/7 monitoring

The platform is being monitored 24/7 in order to respond to potential anomalies and/or failures.