bigX put in place a number of measures aiming to significantly limit possible attacks on our infrastructure by making it prohibitively difficult to compromise.
Our cold storage maintains approximately 98% of user funds in an offline mode. No online access is possible. We work with the institutional-grade, regulated custodian partner, BitGo, to make sure the fund’s custody solution is secure, protected and insured.
Our hot wallet maintains only the funds necessary for deposits in the queue, approximately 2%. Every day, all funds from the hot wallet go to the cold wallet for storage.
- Intelligent load balancing and failover routing among servers to increase performance
- Real-time malicious traffic detection blocks malicious server requests
- Automatic inline mitigation measures decrease latency and increase uptime
- Leading privacy and performance through encrypted connections with HTTPS
- Redundant internet channels
Penetration testing is performed by independent specialists to preserve the integrity of our systems under endless attack scenarios.
- Daily automatic encrypted database backups to multiple off-site locations
- Encrypted user password storage
The Security Team at bigX continuously monitors every level of the platform in order to maintain an inherently hostile environment toward intrusion.
INDIVIDUAL USER SECURITY
Two-Factor Authentication (2FA)
We implemented the following mechanisms of 2FA: Google Authenticator on Android and iOS devices.
Enabling 2FA places a second level of security between an attacker and withdrawal confirmations and logins.
Each login to a user’s account is saved and can be personally audited.
Monitor Withdrawals by IP
Monitoring can be made only manually.
Custom Withdrawal Check
We check every transaction manually.
Lock/Disable Withdrawal Addresses
Process coordinates only manually.
SUSPICIOUS ACTIVITY DETECTION
Suspicious activity detection is both automated by our security infrastructure and manually reviewed by our security team. This process involves the user’s participation by reviewing activities such as geolocation, suddenly high-volume trading, etc.
Our security team monitors activity patterns and recognizes deviations that could significantly change the status of account balances for a user.
These mechanisms are not intended to dictate account usage; rather, they are designed specifically as measures of due diligence while users engage with the bigX platform.