faqs

knowledge base

back to faq

SECURITY & PRIVACY

What security features does bigX have?

bigX put in place a number of measures aiming to significantly limit possible attacks on our infrastructure by making it prohibitively difficult to compromise.

PLATFORM SECURITY

Cold Wallet

Our cold storage maintains approximately 98% of user funds in an offline mode. No online access is possible. We work with the institutional-grade, regulated custodian partner, BitGo, to make sure the fund’s custody solution is secure, protected and insured.

Hot Wallet

Our hot wallet maintains only the funds necessary for deposits in the queue, approximately 2%. Every day, all funds from the hot wallet go to the cold wallet for storage.

DDoS Protection

  • Intelligent load balancing and failover routing among servers to increase performance
  • Real-time malicious traffic detection blocks malicious server requests
  • Automatic inline mitigation measures decrease latency and increase uptime
  • Leading privacy and performance through encrypted connections with HTTPS
  • Redundant internet channels

Standard Procedure

Penetration testing is performed by independent specialists to preserve the integrity of our systems under endless attack scenarios.

  • Daily automatic encrypted database backups to multiple off-site locations
  • Encrypted user password storage

The Security Team at bigX continuously monitors every level of the platform in order to maintain an inherently hostile environment toward intrusion.

 INDIVIDUAL USER SECURITY

Two-Factor Authentication (2FA)

We implemented the following mechanisms of 2FA: Google Authenticator on Android and iOS devices.

Enabling 2FA places a second level of security between an attacker and withdrawal confirmations and logins.

Login History

Each login to a user’s account is saved and can be personally audited. 

Monitor Withdrawals by IP

Monitoring can be made only manually.

Custom Withdrawal Check

We check every transaction manually.

Lock/Disable Withdrawal Addresses

Process coordinates only manually.

SUSPICIOUS ACTIVITY DETECTION

Suspicious activity detection is both automated by our security infrastructure and manually reviewed by our security team. This process involves the user’s participation by reviewing activities such as geolocation, suddenly high-volume trading, etc.

Our security team monitors activity patterns and recognizes deviations that could significantly change the status of account balances for a user.

These mechanisms are not intended to dictate account usage; rather, they are designed specifically as measures of due diligence while users engage with the bigX platform.

back to faq