Security | Covesting Cryptocurrency Trading Platform

Cyber-security framework

The purpose of the COVESTING’s Cyber-security framework is to ensure that there are strict measures and practices in place to protect customer assets against any eventualities and threats. The majority of customer digital assets (e.g., bitcoin) are held in our offline wallet system (Cold storage). All customer fiat funds are held separately from company's operating accounts. We are conducting periodical stress tests and security audits to ensure compliance with the strictest security standards.

Digital Asset Security

Cold Storage

Offline wallet system (Cold storage) provides an important security measure against hacking, theft or loss. Asset transfers from the Cold storage require actions of multiple employees. All private keys are stored in safe deposit boxes and vaults distributed geographically.

Hot Wallets

The hot wallet keys are generated, stored and managed in HSM (hardware security modules) serviced by CloudHSM provided by Amazon. Cloud HSM’s hardware has been evaluated according to FIPS publication 140-2 with a rating of Level 2. Learn more

Platform Protection

2FA (provided by Google Auth) provides security to the login/registration processes, as well as executing withdrawals.
SQL injection filters are implemented to verify the authenticity of requests to prevent CSRF attacks.
Our website traffic runs through encrypted SSL (https).
We partner with Cloudfare and other vendors to mitigate potential distributed denial-of-service (“DDoS”) attacks.
All passwords are cryptographically hashed (using bcrypt with a cost factor of 12) while all other sensitive data is encrypted.
All systems used will ensure the right level of access to authorized personnel with up to date monitoring systems. On-going and proactive security assessments are conducted to keep up to date with new threats and potential vulnerabilities.

Internal Controls

COVESTING‘s staff is educated on cybersecurity awareness and adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures and agreements. We are compliant with four eyes principles as required by GFSC. All employees undergo criminal and background checks, and are subject to ongoing checks throughout their employment at COVESTING.

All trading involves risk of capital loss. When using Covesting services to purchase cryptocurrencies you will not benefit from the same protections available to clients receiving MiFID regulated investment services. Under no circumstances shall Covesting have any liability to any person or entity for any loss or damage in whole or part caused by, resulting from, or relating to any transactions related to Cryptocurrencies or any direct, indirect, special, consequential or incidental damages whatsoever. Trading with Covesting by following and/or copying or replicating the trades of other traders involves a high level of risks. Such risks include the risk that you may be replicating the trading decisions of possibly inexperienced/unprofessional traders, or traders whose financial status may differ from yours. Past performance of any user in Covesting platform is not a reliable indicator of his future performance. Some of the content on Covesting’s copy-trading platform is generated by members and does not contain advice or recommendations by or on behalf of Covesting.