As the price of Bitcoin and other cryptocurrency soared since the last quarter of 2017, it has gathered the attention of hackers. The threats faced by any digital currency exchanges are getting more serious each day. As one of the digital currency exchanges, Tokenize is continually improving our platform security and digital wallet security.
On top of heightening our backend security, we also emphasize on our frontend website security. According to Balabit, a leading provider of contextual security technologies, the most popular hacking method is social engineering (e.g phishing). Thus, you share the responsibility to keep your own account safe.
Tokenize’s Platform Security Features
Tokenize has put in place a few levels of security features and procedures to keep your account safe and free our website from bots.
reCAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)
When you sign up or log in to our website, you are prompted to solve some quests to find boxes containing vehicle or signboard images. The CAPTCHA quests are easy for people but hard for bots. This step is crucial in protecting our website from spam and abuse so that we can focus on bringing more values to our customers than fighting off the bots.
You may find this step tedious at first when you try to sign in from different places for the first time. However, here’s why it is important: this whitelist populates a list of trusted IP addresses that can have access to your account. Only you can add the IP addresses to the whitelist. Thus, it prevents hackers from accessing your account from random IP addresses.
Mobile verification can be done easily. You just need to key in your mobile phone number to receive a one-time-password (OTP), and key in the OTP to complete the verification. We require you to provide your real phone number for one important reason: in case of any suspicious activity or fund movement in your account, we need to contact you to verify it is really you who did the transaction.
Two Factor Authentication (2FA)
2FA adds another layer of security by requiring both your password and another form of authentication such as a physical token. We use Google Authenticator for this purpose. Once you have scanned the QR code to link the Authenticator with Tokenize, you will get a 6 digit code to key in on the same page. After which, you will get an email notification to confirm the enabling of 2FA. Key in the 6 digit codes display in the Authenticator app again to complete the process. The next time you log in, you will be prompted to key in a 6 digit code generated by the Authenticator. So keep your phone handy when you log in!
What else can you do to keep your account safe?
- Choose a secure password Create a password that is at least 8 characters long with a combination of upper case, lower case, numeric and special characters.
- Do not access your account from an unsecured network as hackers may intercept your login credentials and data or distribute malware on your laptop.
- Make sure no one is monitoring you or looking at your keyboard or screen when you are logging in to the account.
- Do not leave your device open when you are away. Always log out from your Tokenize account when you are not using it. You will also be automatically logged out on 15 minutes inactivity.
As we are currently at the early stage of Beta testing, we will execute every transaction cautiously. Thus, we appreciate your understanding and patience should there be any extra steps to verify your identity and transaction details or if the transaction time takes a little longer.
If you have any feedback or suggestion regarding this topic, feel free to contact us or leave us a comment below.