Our team is continuously improving the platform's security measures and policies, as well as for the team itself. We work extra hard to make sure every money received is kept safe with our top-notch infrastructure.
The VoskCoin cloud mining security system is built around ten main principles below.
We do not store any crypto assets on our server. Also, user's funds are being processed and stored in an audited cold wallet.
Most of the funds are stored in cold wallets to provide more secure storage. Funds are also stored in hot wallets to ensure smooth day-to-day withdrawal requests from our customers.
To further secure your funds, we require strict control over both cold and hot wallets. This allows us to monitor and act promptly in case of any suspected fraudulent activity.
We use the practices of separation of duties and the Principle of Least Privilege (we give actors the least privilege they need).
We use the best-on-the-market cloud services provider that is certified by the world’s strict security standards and is trusted by major banks and financial institutions.
Traffic between a client browser and server uses the most advanced encryption algorithm that is approved for use within banks and credit card processing companies. The domain is protected from DNS man-in-the-middle attacks by DNSSEC. All the browser requests are encrypted (HSTS).
The top player in the web application security market analyzes server requests. Hacking attempts, bots, and DDoS attacks are filtered out meticulously to prevent a service breakdown. None of our servers have direct access to the Internet.
The VoskCoin cloud mining infrastructure is checked daily with the number-one vulnerability scanner to discover weaknesses of any given sub-system. The list of tests for our scanner is updated regularly.
According to this methodology, every coding change made and a new feature implemented is inspected by developers, tested by QA specialists, and analyzed by security experts.
We have a partnering program for white hat hackers and welcome ethical specialists to collaborate with us in analyzing vulnerabilities and enhancing the security of services infrastructure. We react immediately to any reports, and in cases where bugs or vulnerabilities are discovered, we issue an update ASAP. It should be noted that no serious problems have been reported to date.
Currently, we are passing a security certification designed for banks and other financial institutions that process card payments.
Our system blocks attempts to brute force passwords and one-time two-factor authentication (2FA) codes. Beyond this block, at each log-in, we notify the user via an email with details regarding the browser and geolocation used at log-in.
Our email system helps detect attempted intrusions at a glance. Each session is linked to the browser and IP address, and it protects from cookies theft and session hijacking.
Monitoring of VoskCoin infrastructure continues around the clock for the rapid identification of abnormal activity and system errors.
We use TOTP technology for 2FA to confirm each log-in attempt, funds withdrawal, password reset, and other crucial account actions. You can read more on how 2FA works