Security Layers of CoinLoan
Our priority is to guarantee security and reliability for our clients. Manage your digital assets in a safe way.
Open AccountRegulated
regulated in Europe
$250M
Insured custodian
Zero-Incident
5 years track record
Modern Encryption Standards
Traffic between a client browser and server uses the most advanced encryption algorithm, approved for use in banking institutions and credit card processing companies. DNSSEC
protects the domain from DNS attacks. All the browser requests are encrypted (HSTS).
Secure Cloud Infrastructure
We use the best cloud service provider available on the market. It is certified by the world’s
strict security standards and trusted by major banks and financial institutions.
Web Application Firewall and DDoS Protection
The top player in the web application security market analyzes server requests.
Hacking attempts, bots, and DDoS attacks are filtered out meticulously to prevent a service breakdown.
None of our servers have direct access to the Internet.
Regular Vulnerability Scans
CoinLoan infrastructure is monitored daily with the number-one vulnerability scanner to
discover weaknesses of any given sub-system. We regularly update the list of our
scanner’s tests.
Bug Bounty Program
We have a partnering program for white hat hackers and welcome ethical specialists to collaborate with
us to analyze vulnerabilities and enhance the security of the entire infrastructure. We react immediately
to any finding. If bugs or vulnerabilities are discovered, we issue an update ASAP. Up until today, we
never faced issues that could have shaken our reputation.
Read moreSecure Software Development Life Cycle
According to this methodology, all changes in a code and features implemented are inspected by
developers, tested by QA specialists, and analyzed by security experts.
Infrastructure Monitoring
Monitoring of the CoinLoan infrastructure is on 24/7 in order to spot rapid abnormal
activity and system errors.
Two-Factor Authentication
We use TOTP technology for 2FA to confirm each login attempt, funds withdrawal, password
reset, and other crucial account actions. You can read more on how 2FA works on CoinLoan
here.
Account Takeover Protection
Our system blocks any attempt to steal passwords and one-time two-factor authentication (2FA) codes.
We always notify our users via email about an ongoing login process providing such details as
browser type and geolocation.
Our email system can detect attempted intrusions fast. Each session is linked to a browser and IP address, protecting an account from cookie theft and session hijacking.
Our email system can detect attempted intrusions fast. Each session is linked to a browser and IP address, protecting an account from cookie theft and session hijacking.
SOC 2 & ISO 27001 Certification
Currently, we are pending to undergo the Service Organization Control (SOC) 2 Audit, which will
affirm that CoinLoan’s information security practices, policies, procedures, and operations meet
the SOC 2 standards for security, availability, confidentiality, and privacy. With the addition of
SOC 2, we will further strengthen our position by being certified for ISO27001. Certification to
the ISO 27001 Standard is recognized worldwide. It will indicate that our information security
management system is aligned with information security best practices.
Assets Storage
$250 million insurance
We store customers’ assets in BitGo, the most trusted custodian, with $250 million insurance
cover from Lloyd’s.
Multisignature
The multi-signature process needs several keys (N) with a required quorum of any (M) keys.
For example, you need 3 out of 5 or 5 out of 8 keys to conduct a transaction.
Thus, a single individual can't sign a transaction. At the same time, if you lose one of the
multi-sig keys, you will never completely lose control of your assets.
Cryptocurrency Security Standard (CCSS)
CoinLoan performs operations with cryptoassets according to rules outlined in
Cryptocurrency Security Standard (CCSS). It’s a security framework covering the security
requirements for companies dealing with cryptocurrency.
Safe key storage
We store encrypted keys’ parts in the bank's safe deposit boxes to prevent potential loss,
such as natural disasters, floods, earthquakes, fires, and so on.
F.A.Q
Help Center
Find answers to all your questions about CoinLoan in our Help Center.
We have plenty of instructional posts and helpful hints on how to manage assets in a safe and smart way.
To Help Center