Our Security Outlook
Our infrastructure, operations, and Bitcoin security principles
- Our critical infrastructure is stored in military-grade vaults
- We’ve built an integrated monitoring system to automatically detect, alert, and mitigate potential attacks.
Minimize Required Trust
- We use a physically isolated, self-hosted system to reduce our dependency on third parties and their associated security risks.
- Employees have limited access to personally identifiable information.
Review Everything. Twice.
- Code commits must be signed and are never merged without review from multiple parties.
- Our systems receive independent penetration tests from leading global security firms.
Secure Bitcoin Custody
A new standard of security for financial services.
Offline & in Cold Storage
We require multiple signatures to identify and authorize a transaction, reducing system vulnerability.
Geographically Dispersed Keys
Our Bitcoin infrastructure is self-hosted and physically located inside of military grade vaults in highly secure data center facilities.
Over 99% of clients’ Bitcoin is kept offline in cold storage to maximize the security of their investment.
Military-grade Physical Storage
Access to cold storage keys requires traveling to multiple geographically dispersed locations.
All accounts are protected from theft by industry leading security standards.
We require multi-factor authentication upon account creation with a time-based one-time password or SMS/Text verification.
Account passwords are hashed via bcrypt with a work factor of 14.
We protect your data with advanced security infrastructure.
Rigorously Managed Data Security Standards
We store the least amount of data for the shortest time possible and use tiered, role-based access controls.
Fully Encrypted Data
All application data is encrypted with AES256-GCM.
We use physically isolated, self-hosted infrastructure to eradicate the potential for Spectre-class vulnerabilities.
Compliance & Certifications
Non-critical operations leverage cloud infrastructure that has undergone SOC 2 Type II examinations.