Security Layers of CoinLoan

Our priority is to guarantee security and reliability for our clients. Manage your digital assets in a safe way.
Open Account
regulated in Europe
Insured custodian
5 years track record

Modern Encryption Standards

Traffic between a client browser and server uses the most advanced encryption algorithm, approved for use in banking institutions and credit card processing companies. DNSSEC protects the domain from DNS attacks. All the browser requests are encrypted (HSTS).

Secure Cloud Infrastructure

We use the best cloud service provider available on the market. It is certified by the world’s strict security standards and trusted by major banks and financial institutions.
Secure cloud infrastructure

Web Application Firewall and DDoS Protection

The top player in the web application security market analyzes server requests. Hacking attempts, bots, and DDoS attacks are filtered out meticulously to prevent a service breakdown. None of our servers have direct access to the Internet.

Regular Vulnerability Scans

CoinLoan infrastructure is monitored daily with the number-one vulnerability scanner to discover weaknesses of any given sub-system. We regularly update the list of our scanner’s tests.
Regular vulnerability scans

Bug Bounty Program

We have a partnering program for white hat hackers and welcome ethical specialists to collaborate with us to analyze vulnerabilities and enhance the security of the entire infrastructure. We react immediately to any finding. If bugs or vulnerabilities are discovered, we issue an update ASAP. Up until today, we never faced issues that could have shaken our reputation.
Read more

Secure Software Development Life Cycle

According to this methodology, all changes in a code and features implemented are inspected by developers, tested by QA specialists, and analyzed by security experts.
Secure Software Development Life Cycle (SSDLC)

Infrastructure Monitoring

Monitoring of the CoinLoan infrastructure is on 24/7 in order to spot rapid abnormal activity and system errors.

Two-Factor Authentication

We use TOTP technology for 2FA to confirm each login attempt, funds withdrawal, password reset, and other crucial account actions. You can read more on how 2FA works on CoinLoan here.

Account Takeover Protection

Our system blocks any attempt to steal passwords and one-time two-factor authentication (2FA) codes. We always notify our users via email about an ongoing login process providing such details as browser type and geolocation.

Our email system can detect attempted intrusions fast. Each session is linked to a browser and IP address, protecting an account from cookie theft and session hijacking.

SOC 2 & ISO 27001 Certification

Currently, we are pending to undergo the Service Organization Control (SOC) 2 Audit, which will affirm that CoinLoan’s information security practices, policies, procedures, and operations meet the SOC 2 standards for security, availability, confidentiality, and privacy. With the addition of SOC 2, we will further strengthen our position by being certified for ISO27001. Certification to the ISO 27001 Standard is recognized worldwide. It will indicate that our information security management system is aligned with information security best practices.
SOC 2 certificationISO 27001 certification

Assets Storage

$250 million insurance
We store customers’ assets in BitGo, the most trusted custodian, with $250 million insurance cover from Lloyd’s.
The multi-signature process needs several keys (N) with a required quorum of any (M) keys. For example, you need 3 out of 5 or 5 out of 8 keys to conduct a transaction. Thus, a single individual can't sign a transaction. At the same time, if you lose one of the multi-sig keys, you will never completely lose control of your assets.
Cryptocurrency Security Standard (CCSS)
CoinLoan performs operations with cryptoassets according to rules outlined in Cryptocurrency Security Standard (CCSS). It’s a security framework covering the security requirements for companies dealing with cryptocurrency.
Safe key storage
We store encrypted keys’ parts in the bank's safe deposit boxes to prevent potential loss, such as natural disasters, floods, earthquakes, fires, and so on.

Help Center

Find answers to all your questions about CoinLoan in our Help Center. We have plenty of instructional posts and helpful hints on how to manage assets in a safe and smart way.
To Help Center
Why choose CoinLoan?
How to set up two-factor authentication (2FA)?
Where do you store my cryptoassets?
How to protect my data?
Do you offer a bug bounty program for security researchers?
We use cookies to provide the best services. Cookies are subject to our Privacy Policy.