What security measures does your platform have in place?
We have the highest level of security, as we treat our platform as digital investable assets that are held to the same standards as banking.
Blockchain security access: There are two different apps running. Only the admin app is capable of making direct on-chain calls. We use AWS KMS for private key security for the minting wallet, which uses hardware security modules to limit unauthorized access.
User authentication: We use Auth0 to manage user authentication. We use the passwordless SMS login, which also mitigates the security vulnerability introduced by users who may otherwise utilize insecure password practices.
Payment Gateway security: We have a static/exclusive IP to connect to the payment gateway, which ensures that only requests performed from our server will be successfully completed. Also, besides the TLS security, all credit card information is sent to the payment gateway encrypted using a public key provided by them.
Database access: We follow secure standards for database use, including two-factor authentication and backups.