Security Policy

Cryptocurrency

• A majority of customer deposits are stored in offline wallets. These are wallets that we keep offline with complete air-gap isolation.
• An absolute minimum of coins to maintain operational liquidity are stored in online wallets.
• All wallets are encrypted at all times. The wallets and paper backups of them are stored in several geographically distributed vaults.
• Furthermore, we maintain full reserves at all times.

Server

• Network infrastructure is segregated and protected by physical firewalls.
• We use Cloudflare for DDoS protection.
• All data is backed up on a regular basis to ensure redundancy.
• We regularly scan our networks for any security issues using several third-party service providers.
• All-network traffic is encrypted via SSL and SSH.

Software

• All application traffic is sent over SSL/TLS.
• We perform regular internal source code audits. We run an active white hat program through various third party service providers.

Account

• We offer two-factor authentication using Google Authenticator as an extra security layer for authentication.
• All sensitive data like your password is encrypted before stored in the database.

Organizational

• Prospective employees undergo security screenings during the hiring process.
• All employees use encrypted storage and encrypted password management.

Built securely from the ground up

• Bitzlato meets all industry standards to safeguard your data. We use various methods to secure our servers as well as our software.
• If you have any questions or concerns about our security, please contact our tech support.