CoinDCX takes the security of the digital assets and any private information stored within the platform very seriously. Our platform is built with industry-leading security protocols which are regularly tested to check any violations. Our team is constantly auditing and building upon existing protocols to ensure that our security is up-to-date and impenetrable. CoinDCX uses geographically distributed cold wallets, DDoS protection, regular stress testing measures, and multi-signature authentications to ensure world-class security.
We ensure that we are maintaining all the necessary cryptocurrency security standards to keep the user’s funds safe. The cutting-edge protocols safeguard the digital coins and private keys of all our users from any hacks and malicious attacks. With a growing global user base, CoinDCX is growing its technology and security team by bringing more avant-garde minds to research on the potential attacks and guarantee the protection from these attacks with innovative solutions.
Below are few of the measures which CoinDCX has deployed to safeguard user data and fund:
Geographically Distributed Cold Wallets - Our funds are held in geographically distributed multi-signature cold wallets. No single person has access to multiple wallets at the same time, nor can just a single person remove funds from any wallet.
Withdrawal Confirmations - All cryptocurrency withdrawals are first verified through a confirmation email before they are processed. Additionally, large withdrawals are manually vetted by our security team, adding yet another preventative measure.
Regular Stress Testing - We conduct regular stress, scenario, and penetration tests to mitigate any attack vector onto our platform. If found, our expert team proceeds to solve these issues, while continually testing our systems’ abilities to withstand load and detect intrusion.
2-Factor Authentication - 2FA allows you to add an extra layer of security to your account, through OTPs received on your mobile number or by enabling Google Authenticator.
Complete Fund Safety - Only 5% of all funds are kept on hot wallets. 95% of all funds on CoinDCX are kept on multi-sig cold wallets. We keep full reserves so as to always facilitate immediate withdrawals.
Safety of the funds is your responsibility as well. Even after taking all the measure’s from the exchange’s end, the trader should necessarily follow certain measures to ensure that the funds in his wallets are safe. The company can ensure that the locks are indestructible, but it is a part of the your precautionary procedures to not distribute your keys or the location of your keys in public. Similar to these, a set of guidelines are necessary for our users to ensure your CoinDCX account is well-protected
Please follow the following guidelines:
Set up 2 - Factor Authentication - Setting up Two-Factor Authentication will ensure that no-one can access your CoinDCX account without gaining access to both your password and the OTP.
Always check your browser address bar - Always make sure the url you’re visiting is: https://coindcx.com/. If the website you’re on looks exactly like ours but is even slightly different - you could be a victim of phishing and could lose control of your account. Bookmark the url https://coindcx.com/. Remain vigilant!
Do not share sensitive information with anyone - While our community managers on Telegram and our support teams regularly converse with users over chat or call, no single CoinDCX employee will ask for any sensitive information from you. The most any employee will ask is your email, phone number, and Support Ticket ID.
Use a strong password - We recommend that you use a strong password for your CoinDCX account. While we have the highest levels of cryptocurrency security for our platform, using an easy-to-guess password leaves you vulnerable to “guess-hackers”.
Double-Check the recipient address - It is also essential that you double-check the recipient address and the amount as once its sent it cannot be retracted and is unrecoverable.
Beware of Scammers - Many hackers will try and use fraudulent techniques to obtain sensitive information by posing as a trustworthy entity. They send convincing emails posing as a cryptocurrency exchange and acquire login details and personal passcodes using phishing/social engineering. The hackers can use this information to access your cryptocurrency wallets causing harm. Avoid this by remaining cautious.
Phishing Scams - In a phishing scam, an attacker tries to disguise themselves as a trustworthy entity in order to trick you into giving them sensitive information that can be used to gain access to your devices and accounts to steal your money. Therefore, it is important that our clients be very careful and practice good habits to avoid falling victim to these scams.
Listed below are important tips to adhere to that can help protect you from phishing scams:
We will never
• never ask you for your passwords. Never give out your passwords to anyone who asks.
• never ask you to remove or change your security settings.
• never request access to your devices via remote desktop access software.
Email or Telephonic Scams - CoinDCX will never call you personally on your phone. If you find a phone number claiming to be for CoinDCX support, it's a scam. Do not call it. Instead, please send us a support ticket with information about the scammer so that we can take appropriate action.
How to identify illegitimate emails which are NOT from CoinDCX:
• The sender’s email address or phone number doesn’t match the name of the company that sender claims to be from.
• The email has been sent on a different mailing address than the one you have submitted to CoinDCX.
• The message starts with a generic greeting, like “Dear customer.”
• Most legitimate companies will include your name in their messages to you.
• A link appears to be legitimate but takes you to a website whose URL doesn’t match the URL of the company’s website.
• The message looks significantly different from other messages that you’ve received from the company.
• The message requests personal information, like a credit card number or account password. The message is unsolicited and contains an attachment.
Such emails are from sources other than CoinDCX, although they might appear to be from CoinDCX. Most often, the emails and the attachments in the email are malicious and should not be opened. Don’t provide any sensitive information to any person/sites.
*To report spam or other suspicious emails/activities, please send an email to firstname.lastname@example.org providing details of the activity/email.
Avoid using Public Wi-Fi - Public wifi can divert your browser to a page that could resemble your exchange or wallet. Hackers can then use that to gather your information and data that is transmitted through the network. Use a Virtual Private Network (VPN) if you are accessing your account using public wifi.
Make sure your Device is Secure - It is extremely important to ensure the safety of your device by constantly updating the security measure on your devices such as a firewall and antivirus software. It is also necessary to make sure that you don’t download and install any software you aren't sure of.
Keep Your Holdings and Information Private - Stealing cryptocurrency is extremely appealing to hackers and criminals as it offers anonymity. It’s extremely crucial that at any event, social gatherings, and meetups you never reveal the details of your holdings.
An authenticator app is usually installed on a smartphone and it generates a 6-8 digit passcode every 30 seconds. The passcode can be used for login, trading, and depositing or withdrawing funds from your account, or as a Master Key. Enabling Two-Factor Authentication (2FA) for Deposits & Withdrawals (i.e. Funding) improves your account security by preventing attackers from moving funds in or out of your account even in the event of a compromise of your username/password.
Two-factor Authentication (2FA) is an extra layer of security for your CoinDCX account that can be utilized to:
• ensure that you are the only person who can access your account
• ensure you are the only person who can perform account actions such as depositing, withdrawing, or trading
To learn steps to secure your account with Two-factor Authentication (2FA) on CoinDCX, Click here
Director of Security, CoinDCX
Blockchain Enthusiast, White Hat Hacker
Listed in Hall of fames of Airbnb, Shopify, Zomato, Ebay etc