iMoose Security

Best Practices in Crypto-Currency Exchange Industry

Protecting your funds and privacy is our number one priority

iMoose® takes a comprehensive approach to safeguarding your investments. Our team of experts has built in a number of sophisticated measures to prevent the theft of money and information.

As a professional exchange, of course, the theft is not the only threat. We maintain financial stability with full reserves, healthy banking relationships and the high standards of legal compliance.

1. Secure Storage of Customer Fund

98% of our users' funds are kept in an off-line, air-gapped, geographically distributed cold storage with multi-signature technology.

We keep full reserves so that you can always withdraw immediately on demand.

2. Your Account Security

Account Security

Two-Factor Authentication (2FA) is required for actions such as login, withdrawals or changes in account settings.

Information Security

Passwords and sensitive information in our database are hashed & encrypted.

Addresses White-list

Addresses White-listing allows you to restrict withdrawals only to your white-list addresses, or block all crypto currencies withdrawal activity for your account if there is no address in your white-list.

Rate-Limit

Rate-limiting is used to some of the account actions in order to thwart brute force attacks, for example, login attempts.

3. Our Infrastructure Security (WEB)

a. Secure Data Transmission

All data transmitted between website page and server is encrypted by SSL Connections

b. External attack protection

By Adopting GSLB (Global Sever Load Balance), our infrastructure architecture intelligently distributes web traffic across server resources located in multiple geographies to filter and protect against DDOS to ensure that trading cannot be halted by external attack.

By implementing two layers of proxy web server in front of our server farm, we raises the bar for any intruder to break into our system.

4. Internal Control

All employees undergo criminal and credit background checks and are subject to ongoing background checks throughout their employment
We use separate passwords and two-step verification with each device and service.
Employees are required to encrypt their hard drives, utilize strong passwords, and enable screen locking.
Multiple signatories are required to transfer crypto currency out of our Offline (Cold) Storage System.

Reporting Security Issues

We have set a Bug Bounty Program to reward your efforts on security studies to keep iMoose community safer.

If you believe that you have discover a security vulnerability, we would like to hear from you, please email our security team at security@imoose.com.