Security Infrastructure

How Trade8 secures your funds and data

Securing customer funds and data is our top priority.

We have an incredible track record in keeping customer funds safe: Trade8 has never been hacked and no customer has ever had their funds compromised. This is in large part due to the security apparatus we've built, which we outline below.

We offer end-to-end encryption, comprehensive DDOS protection, 2-factor authentication, and offline storage for client crypto keys (>98% of funds are stored in cold wallets).

The best way to secure your account is to enable 2-factor authentication from your Settings. Trade8 uses several different methods to ensure the safety of client digital currency wallets, our networks, servers, and software:

Fund Security

Over 98% of customers funds are preserved in cold storage, out of reach of software hackers. Since there is no automation or connection linked to these funds, they are technically impossible to compromise by external attackers.

Around 2% of funds are kept in hot wallets protected by industry-leading security. These hot wallet funds are used to process withdrawals quickly and are insured against loss in case of compromise.

Server Security

We segregate our network and servers into different sub networks and availability zones, and protect traffic with strict routing, firewalling, and access control.

Our servers run the latest security software and our networks benefit from industry-leading distributed denial of service attack protection. They are designed to be highly available and to tolerate failures in infrastructure while maintaining continuity of operations.

Our data is aggressively backed up, encrypted, and stored in secure locations.

Client Security

We offer full-account 2-factor authentication. When enabled (strongly recommended), 2-factor authentication provides an extra layer of security by protecting account access (log in) and withdrawal operations.

All network traffic between the client and our servers is encrypted using High Assurance SSL.

Brute-force prevention is implemented client-side through CAPTCHA and rate throttling systems designed to protect against these types of attacks while preserving a pleasant user experience.

Last updated