StormGain security measures and recommendations
Our team is continuously improving the platform's security measures and policies, as well as for the team itself. We're making every effort to secure your funds on StormGain.
Common security measures:
We use two-factor authentication (2FA) to keep your account secure and make sure it's actually you trying to access your account.
Employing multiple signature efforts to confirm all withdrawal transactions, i.e., users will need to provide two (2) or more signatures for any withdrawal.
We use SSL encryption to protect all traffic that goes through our resources.
24/7 live chat and e-mail support for urgent cases.
PCIDSS and GDPR compliance
We are compliant with PCIDSS & GDPR.
Encryption of all sensitive data
Data are encrypted at the system and data levels, splitted with redundancy and AES-256 encrypted.
Constant, real-time monitoring for suspicious and fraudulent activities.
Quarterly security audit
Secure internationally trusted advisors, and scan systems for vulnerabilities.
Physical access and code deployment are strictly controlled. Nothing ships without intensive review.
Controlled and Monitored access
We use the practices of separation of duties and Principle of Least Privilege (we give actors the least privilege they need).
Ensuring funds’ security
We divide saved funds into hot and cold wallets:
- Most of the funds are stored in cold wallets to provide more secure storage.
- Funds are also stored in hot wallets to ensure smooth day-to-day withdrawal requests from our customers.
We have strict control on access rights to funds in both cold and hot wallets.
- To further secure your funds, we require strict control over both cold and hot wallets.
- This allows us to monitor and act promptly in case of any suspected fraudulent activity.
Six main security recommendations for you:
Use a unique email address and password for your account.
You can use a secure password manager or be sure you are creating more complex, secure passwords without fear of forgetting them.
You can enable 2FA via SMS or Google Authenticator protection to your account. It will help keep your account secure even if your password is compromised.
Don’t install unnecessary software on your computer. Use good antivirus software and keep it updated.
Never send or tell your personal data to anyone. Please be aware that we will never request your password or verification codes. The only information our support team may require includes: The account number for authorised users, the e-mail address for unauthorised users and a Transaction ID for financial transactions issues.
Always check the domain address you’re visiting:
Many phishing sites mimic StormGain’s domain or website to trick you into giving them your personal details. Make sure you’re visiting the real site.
Enable fingerprint or passcode lock on your phone, use a secure e-mail provider and employ 2FA for your e-mail account too. Don’t open unknown links or attachments in e-mails.
“These simple rules can help keep you safe from the most common types of cyber threats. Please take care.”
Your Stormgain team