We provide maximum security for your money.
Through thorough verification, secure data storage, employee vetting, and compliance with all available regulations, we guarantee the safety, stability, and reliability of the platform and all transactions. With Weld Money, your capital is under reliable protection.
We share two security perimeters:
The External Security Perimeter – is the world-wide network, the Internet
What does it mean:
Basic authorization
Cdn, dnf, firewallet, cloudflare
GWT (2-factor authentication, code by mail)
Passwords created by the user in the system are checked according to a pattern that implements OWASP recommendations.
Using the protocol HTTPS TLS 1.2+
Vulnerability scanning through an internal CICD tool
Penetration test for each public release
The internal perimeter of security – workstations available for product development
What does it mean:
No developer works with real keys because there is a process where the keys are stored in security certificate stores (Keystores), which are adapted, at the time of launching the application, by the software, ensuring the anonymity of key storage in the system.
No one can change productive, custom keys. Each release is verified by the company's top official (CTO and CEO). In the further development of the company, the role of the Security Officer will be allocated, where there will be verification of releases from the CEO.
Infrastructure roadmap towards safety
2023
- Amazon7 web-services
- Cloudflare
- Comodo SS-certificate
- Hashicorp VaulX
- Blockchains security audit by Hacken, Certik, Blaze
- Regularly penetration tested by Safe Base Security
2024
- SOC 2 Type I & Type II
- ISO 27000 (iso 27001:2013, iso/iec 27002:2013-2022)
- PCI DSS Level 1
- CCSS Level 3
Certification and compliance
We work with leading authorities in payments, custody, and compliance.
