CoinDCX takes the security of digital assets and any private information stored within the platform very seriously. Our platform is built with industry-leading security protocols which are regularly tested to check any violations. Our team is constantly auditing and building upon existing protocols to ensure that our security is up-to-date and impenetrable. CoinDCX uses geographically distributed cold wallets, DDoS protection, regular stress testing measures, and multi-signature authentications to ensure world-class security.
We ensure that we are maintaining all the necessary cryptocurrency security standards to keep the user’s funds safe. The cutting-edge protocols safeguard the digital coins and private keys of all our users from any hacks and malicious attacks. With a growing global user base, CoinDCX is growing its technology and security team by bringing more avant-garde minds to research the potential attacks and guarantee protection from these attacks with innovative solutions.
Below are few of the measures which CoinDCX has deployed to safeguard user data and fund:
|Geographically Distributed Cold Wallets||Our funds are held in geographically distributed multi-signature cold wallets. No single person has access to multiple wallets at the same time, nor can just a single person remove funds from any wallet.|
|Withdrawal Confirmations||All cryptocurrency withdrawals are first verified through a confirmation email before they are processed. Additionally, large withdrawals are manually vetted by our security team, adding yet another preventative measure.|
|Regular Stress Testing||We conduct regular stress, scenario, and penetration tests to mitigate any attack vector onto our platform. If found, our expert team proceeds to solve these issues, while continually testing our systems’ abilities to withstand load and detect intrusion.|
|2-Factor Authentication||2FA allows you to add an extra layer of security to your account, through OTPs received on your mobile number or by enabling Google Authenticator.|
|Complete Fund Safety||Only 5% of all funds are kept on hot wallets. 95% of all funds on CoinDCX are kept on multi-sig cold wallets. We keep full reserves to always facilitate immediate withdrawals.|
Safety of the funds is your responsibility as well. Even after taking all the measures from the exchange’s end, the trader should necessarily follow certain measures to ensure that the funds in his wallets are safe. The company can ensure that the locks are indestructible, but it is a part of your precautionary procedures to not distribute your keys or the location of your keys in public. Similar to these, a set of guidelines are necessary for our users to ensure their CoinDCX account is well-protected.
How do I secure my Cryptocurrency: Guidelines
|Set up 2 – Factor Authentication||Setting up Two-Factor Authentication will ensure that no one can access your CoinDCX account without gaining access to both your password and the OTP.|
|Always check your browser address bar||Always make sure the URL you’re visiting is:https://coindcx.com/. If the website you’re on looks exactly like ours but is even slightly different – you could be a victim of phishing and could lose control of your account. Bookmark the URLhttps://coindcx.com/. Remain vigilant!|
|Do not share sensitive information with anyone||While our community managers on Telegram and our support teams regularly converse with users over chat or call, no single CoinDCX employee will ask for any sensitive information from you. The most employee will ask is your email, phone number, and Support Ticket ID.|
|Use a strong password||We recommend that you use a strong password for your CoinDCX account. While we have the highest levels of cryptocurrency security for our platform, using an easy-to-guess password leaves you vulnerable to “guess hackers”.|
|Double-Check the recipient address||It is also essential that you double-check the recipient address and the amount as once it’s sent it cannot be retracted and is unrecoverable.|
|Beware of Scammers||Many hackers will try and use fraudulent techniques to obtain sensitive information by posing as a trustworthy entity. They send convincing emails posing as a cryptocurrency exchange and acquire login details and personal passcodes using phishing/social engineering. The hackers can use this information to access your cryptocurrency wallets causing harm. Avoid this by remaining cautious.|
|Phishing Scams||In a phishing scam, an attacker tries to disguise themselves as a trustworthy entity to trick you into giving them sensitive information that can be used to gain access to your devices and accounts to steal your money. Therefore, our clients must be very careful and practice good habits to avoid falling victim to these scams.|
As a user of a cryptocurrency trading platform, we understand you might want additional security features that help you protect your funds from hacks and phishing attacks. We have added an extra security measure of adding and marking the wallet addresses as trusted addresses for withdrawal purposes.
What is the new feature?
There are chances that you can get exposed to a phishing scam or a hack and this new security feature will protect your funds. Each user on CoinDCX must –
- Have a list of addresses they have interacted with in the past. Keeping a note of the public address from our wallet history can be done efficiently if we save an address for a specific token and label them accordingly.
- Not trust all wallets they have interacted with. It might happen that a few of their withdrawals were a one-time crypto-transfer and will never be repeated. Marking wallet addresses that belong to your friends and family and people whom you trust could help you define the wallet addresses that you want to trust. For every address present in the Address Management record book – users need their 2FA + Withdrawal Password + Email confirmation handy to mark one or more addresses as trusted.
- Enable Only-Trusted withdrawals to ensure that no one can send cryptos to another wallet address in case your account gets hacked. Users will only be able to send funds to trusted addresses. This increases security even more. Enabling or disabling Only-Trusted withdrawals requires 2FA + Withdrawal password + Email confirmation. This toggle is shown on the top right corner of the address management subpage.
Listed below are important tips to adhere to that can help protect you from phishing scams: We will
• Never ask you for your passwords. Never give out your passwords to anyone who asks.
• Never ask you to remove or change your security settings.
• Never request access to your devices via remote desktop access software.
Email or Telephonic Scams – CoinDCX will never call you personally on your phone. If you find a phone number claiming to be for CoinDCX support, it’s a scam. Do not call it. Instead, please send us a support ticket with information about the scammer so that we can take appropriate action.
Also read: Sentiments in Cryptocurrency trading.
How to identify illegitimate emails which are NOT from CoinDCX:
- The sender’s email address or phone number doesn’t match the name of the company that the sender claims to be from.
- The email has been sent to a different mailing address than the one you have submitted to CoinDCX.
- The message starts with a generic greeting, like “Dear customer.”
- Most legitimate companies will include your name in their messages to you.
- A link appears to be legitimate but takes you to a website whose URL doesn’t match the URL of the company’s website.
- The message looks significantly different from other messages that you’ve received from the company.
- The message requests personal information, like a credit card number or account password. The message is unsolicited and contains an attachment.
Such emails are from sources other than CoinDCX, although they might appear to be from CoinDCX. Most often, the emails and the attachments in the email are malicious and should not be opened. Don’t provide any sensitive information to any person/site.
*To report spam or other suspicious emails/activities, please send an email to [email protected] providing details of the activity/email.
|Avoid using Public Wi-Fi||Public wifi can divert your browser to a page that could resemble your exchange or wallet. Hackers can then use that to gather your information and data that is transmitted through the network. Use a Virtual Private Network (VPN) if you are accessing your account using public wifi.|
|Make sure your Device is Secure||It is extremely important to ensure the safety of your device by constantly updating the security measure on your devices such as a firewall and antivirus software. It is also necessary to make sure that you don’t download and install any software you aren’t sure of.|
|Keep Your Holdings and Information Private||Stealing cryptocurrency is extremely appealing to hackers and criminals as it offers anonymity. It’s extremely crucial that at any event, social gatherings, and meetups you never reveal the details of your holdings.|
Also read: Improved security features.
An authenticator app is usually installed on a smartphone and it generates a 6-8 digit passcode every 30 seconds. The passcode can be used for login, trading, and depositing or withdrawing funds from your account, or as a Master Key. Enabling Two-Factor Authentication (2FA) for Deposits & Withdrawals (i.e. Funding) improves your account security by preventing attackers from moving funds in or out of your account even in the event of a compromise of your username/password. Two-factor Authentication (2FA) is an extra layer of security for your CoinDCX account that can be utilized to • ensure that you are the only person who can access your account • ensure you are the only person who can perform account actions such as depositing, withdrawing, or trading.
To learn steps to secure your account with Two-factor Authentication (2FA) on CoinDCX, Click here
What are the steps to invest in Bitcoin?
Top secure Crypto wallets:
Written By: Akash Mishra, Director of Security, CoinDCX, Blockchain Enthusiast, White Hat Hacker Listed in Hall of fame of Airbnb, Shopify, Zomato, eBay, etc.