At River, we make security one of our top priorities. We recommend that to keep your account safe, you make security one of your priorities too. Regardless of how much security experience you have, there are steps you can take to ensure that your account and your funds do not become compromised.
- Think Before You Trust.
- Layer Your Security.
Most often, bitcoin is stolen by tricking people, not by hacking computers. You should not transmit sensitive information over the internet. Remember that a River employee would never ask for sensitive information via social media or a messaging app. If someone reaches out to you claiming to be a part of River Financial, you can verify whether it’s an actual River employee by contacting support.
To learn how to disclose a potential security vulnerability to River, visit our knowledge base.
Combine password management, TOTP, and hardware authentication keys to greatly improve the security of your account information.
General Password Security
Generate random passwords and store them using a password manager. In general, consider these options for password security:
- Generate strong, random passwords;
- Store your passwords in a dedicated manager like Multipass or 1Password;
- Use your fingerprint or Face ID to unlock when possible; and
- Never give out your password to anyone.
Time-based One-Time Passwords (TOTP)
Use 2-factor authentication on all accounts, preferably non-SMS. One alternative we have found is TOTPs, which generate a random password that changes after a few seconds. Each new code renders the previous code invalid. Even if a bad actor had your username and password, they would still need the current TOTP, which is stored securely on your phone.
Hardware authentication devices are another secure option to prevent unauthorized access to your accounts. A hardware key offers physical protection and works just like a regular key. No one can unlock your account without the key.
Communicate over the internet with caution. We recommend that you avoid clicking, downloading, or saving anything in a suspicious email. Only download software applications and programs from reputable sites operating with a web address beginning with “https”.
By following these security tips, you can greatly reduce the risk of your accounts being hacked. However, it remains important to monitor your financial accounts for transaction anomalies. For example, check the status of your accounts often, especially bank, cryptocurrency, or other accounts that hold financial information. If you do not closely monitor your accounts and email, then a fraudster could transfer money out of your account without you knowing. Closely watch your email to check for confirmation emails that follow account activity.
River allows you to track your account activity log in the Settings page. River also sends email notifications to clients when any of the following occur:
- Email and password changes
- Cash deposits and withdrawals
- Bitcoin buys and sells
- Bitcoin transfers
If you receive any of those notifications, and you did not authorize that action, then you should report the suspicious activity by contacting support as soon as possible.
Security is who we are.
At River, our private client support team is highly trained in security awareness. We treat data as nuclear waste, and we are setting a new standard of best practices within the industry. Bitcoin is a relatively new technology, but in its twelve years of existence, it has proven to be the most secure digital system in the world and the most reliable monetary system ever invented. We have several educational resources dedicated to security for your Bitcoin wallets. For more on account security generally, visit our knowledge base.