In the world of cryptocurrencies, choosing the right exchange should go beyond selecting one based solely on offering the best fees or a wide variety of cryptocurrencies. The security of customer assets is one of the essential factors when deciding on an exchange. Cryptocurrencies are a form of electronic money, making it vital to ensure that your assets are protected and guaranteed during transactions.
A reliable exchange should have legal protection measures for customers, such as having a physical headquarters in a country with clear regulations, away from tax havens, being transparent with its accounts, and demonstrating a strong commitment to regulatory compliance.
In addition to legal protection, a trustworthy exchange should actively ensure the security of customer assets. Only through this approach can trust be fostered in the cryptographic ecosystem.
Factors Ensuring the Security of Customer assets
Cybersecurity
A cryptocurrency platform must be fortified against cyberattacks. Hackers attempt to breach such platforms and exploit any security vulnerabilities to access customer assets. When choosing a reliable exchange, it’s crucial to assess its cybersecurity measures and determine if they are sufficient.
At Bit2Me, we take cybersecurity seriously. We were the first European exchange to obtain ISO 22301, endorsing our information security management system, and we have renewed ISO 27001. We also hold the CSA STAR, a prominent distinction in the sector that attests to our ability to protect cloud environments.
Bit2Me employs a multi-layered cybersecurity model:
- Layer 1: At the Workspace level, paying attention to every detail in our human resources.
- Layer 2: In software development, with QA reviews, encrypted communications, and the highest quality standards.
- Layer 3: In communication, using the best protection standards (WAF, isolated service execution, SIEM, internal and external SOC, IDS monitoring).
- Layer 4: In cryptocurrency management with cold storage custody, protection insurance, automatic analysis, integrity analysis, advanced MPC, distributed multisignature by countries, etc.
- Layer 5: In account access, with passwords, 2FA in operations, device validation authorized IP, connection/operation analysis, and biometric access.
- Layer 6: In customer protection, through PBC analysis, 3DS card payment verification, 100% encrypted data at rest and in transit, active support, and training policies.
Fiat Money Custody
Another crucial factor is the custody of fiat money. Fiat money custodians are independent and regulated entities responsible for safeguarding and managing assets in the form of fiat currency, such as dollars, euros, or other traditional currencies, on behalf of their clients. They play a crucial role in ensuring the security and integrity of assets, preventing losses, theft, or misappropriation.
By taking custody responsibility, these entities contribute to maintaining trust in the system by providing a secure environment for asset storage, supporting the stability and efficiency of global economic transactions.
Furthermore, assets are protected by a safeguard fund. This means that all customer assets are deposited in an account within a Electronic Money Entity regulated by the Bank of Spain (in the case of Bit2Me, this entity is Pecunia Cards EDE S.L). These assets are separate from those of Bit2Me, similar to a traditional bank, ensuring availability whenever the user wishes.
Cryptocurrency Custody
Just as fiat money must be protected, the security of cryptocurrencies must also be guaranteed. Cryptocurrencies should be stored in cold storage and have a cryptocurrency custodian. Cryptocurrency custody is the process of securing assets against theft and attacks, carried out by third-party companies hired to oversee and act as guardians.
Cryptocurrency custodians do not store the assets, as cryptocurrency data and transaction information are stored on the blockchain, a public digital ledger. Instead, custodians protect users’ private keys, crucial information that allows access to assets.
In the case of Bit2Me, we partner with Ledger Enterprise for the custody of our customers’ cryptocurrency assets. Ledger Enterprise is one of the most prestigious custodial companies in the crypto sector.
Asset Insurance Coverage
Alongside cryptocurrency custody, having insurance coverage for the majority of assets is crucial. These insurances protect all or a significant portion of the assets in the event of an incident (such as a cyberattack) that results in their loss.
In the case of Bit2Me, customers’ cryptocurrency assets are protected by a coverage insurance of 150 million euros, provided by Lloyd’s, as part of the custody agreement we have with Ledger Enterprise.
Reserve Proof
In addition to providing maximum protection and all possible guarantees, a reliable exchange must be transparent. To achieve this, some form of Reserve Proof must be conducted, demonstrating that the platform indeed possesses the assets it claims to have.
Reserve Proofs, or Proof of Reserves, are reports that allow users to verify that the platform they operate on genuinely has the assets in custody. One effective way to conduct this proof is through a Merkle Tree, a data structure that respects user privacy by separating information into “branches” and “leaves.”
Reserve Proofs offer users transparency regarding the existence of assets, fostering greater confidence in the platform. In the case of Bit2Me, Reserve Proofs have been conducted by Hacken, an independent company responsible for such audits.
At Bit2Me, we take the security of our customers’ assets very seriously, doing everything in our power to guarantee them; from a multi-layered cybersecurity model to conducting Reserve Proofs through the Merkle Tree. We work hard every day to provide our customers with an exchange where they can feel secure, knowing that their rights will always be protected. If you want to delve into why Bit2Me is a reliable exchange, don’t miss this article where we analyze the points that make us stand out in areas such as consumer protection, security, and customer service.
