Protecting your assets is our top priority. EIDEX uses a multi-layered security system combining institutional-grade infrastructure with cutting-edge technology to safeguard your funds and data.
- Cold storage for 95% of assets — the vast majority of funds are stored in air-gapped cold wallets, completely offline and inaccessible to hackers
- Multi-signature wallets — all hot wallet transactions require multiple cryptographic signatures from geographically separated secure locations
- Regular third-party security audits — independent penetration testing and code audits by leading cybersecurity firms
- DDoS protection via Cloudflare — enterprise-grade distributed denial-of-service mitigation with a global edge network
Account Security
- Two-factor authentication (2FA) — TOTP-based 2FA via Google Authenticator or hardware security keys, required for all withdrawals
- Email confirmation for withdrawals — every withdrawal request requires email verification with a unique, time-limited confirmation link
- Anti-phishing code — set a personal anti-phishing code that appears in all official EIDEX emails, so you can verify authenticity
- Session management with IP tracking — monitor active sessions, receive alerts for new device logins, and terminate sessions with one click
Data Protection
- End-to-end encryption — all data transmitted between your browser and our servers is encrypted using TLS 1.3
- SOC 2 compliance (planned) — working towards SOC 2 Type II certification for enterprise-grade data security standards
- GDPR compliant data handling — all personal data is processed in accordance with the General Data Protection Regulation
Bug Bounty
Found a vulnerability in our platform? We take security reports seriously. Report issues to security@eidex.io and earn a reward based on severity. We follow responsible disclosure practices and will never take legal action against good-faith security researchers.