Skip to main content
Security of Zignaly

Steps on how to make your account fraud proof!

Updated over 4 months ago

We follow strict processes to ensure the highest security by using encrypted data. Please review this list and understand the important security measures to protect your funds.


Is it Safe?

This is an essential question before sending any capital to an exchange. In Zignaly, we understand the importance of security. We have multiple layers of protection to ensure your funds are secure!

Zignaly has teamed up with Binance as a part of their Binance Broker Partner Program. After you deposit, your funds are in Binance and covered by their SAFU.

How secure is Binance?

Binance meets the internationally recognized ISO/IEC 27001 standard. You can read more about this in this article.

They keep an insurance fund for emergencies, known as SAFU. 10% of all trading fees are in this account and stored in a cold wallet. If you want to learn more about it, please click here.

Besides this, Binance has implemented pattern recognition to detect unusual activity. This is nurtured with a 20-month transaction history involving trillions of dollars. This allows them to see irregular trades and any suspicious activity. More info here.

But still, how secure is Zignaly?

API keys are RSA-encrypted before being stored in the database, which is in an isolated DMZ without public access.

We use a certificate for encrypting/decrypting the API-Keys, which are kept outside the database servers.

Zignaly API keys aren't shared with anybody, not even with the user or owner of the account. This may change, but they are always created without withdrawal permissions.

Still, if all that fails, only two servers in the entire Zignaly infrastructure are authorized to perform withdrawals. Their IPs are the only ones authorized inside Binance. Such servers are isolated and can not be accessible from the outside.

Rate limits are in place to protect against automated script attacks.

How to add extra security?

Below are a few steps to ensure your account stays safe:

  1. Secure your exchange account with two-factor authentication (2FA).

  2. Use a strong and unique password/email for your exchange account.

  3. When creating API keys, don’t store secure API keys in a shared or accessible document.

  4. Don’t send your API keys via a message to yourself or anyone.

  5. Use separate API keys for different services.

  6. When opening emails from an exchange, be wary of phishing emails and ensure the sender's authenticity.

  7. Secure your mobile/desktop devices with pin codes.

Be aware of scammers. They will try different ways to scam you. They could impersonate Zignaly agents, founders, and investors. Remember that no member of the Zignaly team will ever ask users or the community to deposit funds. We will also never ask for your password or your 2FA code. If you have any suspicions, please get in touch with Support immediately!

Has my account been breached?

We understand that the cryptocurrency industry has been the target of many attempted attacks. This is why we suggest implementing security measures.

This website can help determine if your email was compromised:

https://haveibeenpwned.com/

Unfortunately, this database may not have information on every data breach. Therefore, it may not provide all the necessary info on when your details have been made public.

If you think your account has been compromised, we recommend changing your password immediately. If this information is compromised, an attacker could request a password reset for any web service you use. Please also change your passwords on all email and financial accounts such as Gmail, Binance, Paypal, etc.

Next, please enable 2FA on your account if you haven't already. Lastly, if you have any API keys, we suggest removing them and creating new ones.

Did this answer your question?