Crypto Maniac Security Policy
Offline Funds Storage
We store the majority of our customers' funds in a secure offline wallet, with only a portion available in a 'hot' wallet for instant withdrawals. This method vastly improves security at the minor expense of large withdrawals requiring manual processing.
We utilize a leading DDoS protection provider for all public-facing content and cache all static content on a CDN to provide the fastest possible load times.
Our website traffic runs entirely over encrypted SSL (HTTPS) using Extended Validation (green bar) certificates. Wallets (and private keys) are stored using AES-256 encryption.
We use firewalls to allow only authorized access to specific ports.
All interaction with the website must take place over HTTPS, so all communication is encrypted via SSL.
Customers can set up two-factor authentication for accounts with Google Authenticator to provide an extra layer of security.
We use SQL injection filters and verify the authenticity of POST, PUT, and DELETE requests to prevent CSRF attacks.
All requests pass through a security layer to prevent DDoS and other security threats.
We hash passwords stored in the database (encrypted). We check for strong passwords on account creation and password reset.