This page is available in English.

Choose your preferred language to view the site

Security

profitxbt prioritizes delivering the utmost level of security to its platform users

Protection of Customer Assets

We have implemented a comprehensive cybersecurity framework to ensure the strictest security measures and practices are in place to safeguard customer assets against potential threats and unforeseen events. We regularly conduct stress tests and security audits to ensure compliance with the highest security standards.

Utilization of Advanced Security Tools and Measures:

  • Two-Factor Authentication (2FA), provided by Google Authenticator, is used to enhance account security and prevent unauthorized access.
  • Mandatory Bitcoin address whitelisting feature
  • Digital assets are stored in cold storage with Multisignature technology.
  • Hardware security modules with a FIPS PUB 140-2 Level 3 rating or higher are deployed.
  • Rigorous risk checks are performed after every order placement and execution.
  • We use Encrypted SSL (https) to secure and encrypt our website's traffic.
  • Passwords are cryptographically hashed using bcrypt with a cost factor of 12, and all other sensitive data is encrypted.
  • Cloudflare is employed to mitigate potential distributed denial-of-service (DDoS) attacks.
  • Regular tests and evaluations are conducted by our technical team.
  • Ongoing IT security assessments are performed to stay updated on new potential vulnerabilities.

Our environment is hosted on Amazon Web Services (AWS), which has a demonstrated track record in physical security and internal controls.

Trading Infrastructure

The profitxbt trading engine has been meticulously designed to meet the highest standards in the online trading industry. All systems have been custom-coded to minimize latency and optimize order execution speed. The system continually monitors various risk factors, including buying power, maximum order size, position size, P/L loss thresholds, odd lot allowances, and conducts a comprehensive risk assessment after every order placement. profitxbt is renowned for its advanced and dependable trading software.

Get Started
Begin trading in just 40 seconds!

Wallet Security

The majority of customer digital assets (Bitcoin) are stored in our offline storage system known as "Cold Storage." Only a small fraction of digital assets is kept in our online wallet, referred to as the "Hot Wallet."

We implement Multi-signature access ("Multisig") to enhance security and mitigate the risk of losing access to a key or facility, thereby eliminating single points of failure. Any fund transfers from Cold Storage to Hot Wallets are conducted manually and require the coordinated actions of multiple team members.

Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is a security process that requires users to provide two different authentication factors to verify their identity. It offers a higher level of security compared to single-factor authentication (SFA), which typically involves providing only a password.

Enabling 2FA is one of the best ways to enhance the security of your account. The setup process is straightforward, and we strongly recommend enabling 2FA for your account immediately after completing the registration process. Our 2FA system uses a Time-based One-Time Password (TOTP) solution, which requires the use of the Google Authenticator app. It is more secure and reliable than using SMS for 2FA.

Google 2FA

Follow these steps to enable 2FA:

  • Download the Google Authenticator app for either iOS or Android.
  • Access the System Preferences menu.
  • Click the 'Enable GA' button in the Google Authenticator section.
  • Backup your secret key and confirm it by selecting 'I backed up a 16-digit code.'
  • Confirm the setup by entering the PIN code generated by 2FA.

The next time you access your account or withdraw funds, you will be prompted to provide a code from Google Authenticator.

Please note that to disable 2FA, you will need to contact our support at support@help.profitxbt.com. This procedure may take up to 5 business days.

Withdrawal Address Whitelisting

We offer additional account-level security measures to our customers, such as crypto Address Whitelisting. This feature adds an extra layer of protection by allowing customers to whitelist specific withdrawal addresses.

By enabling this feature, withdrawals will only be allowed to addresses that are included in the whitelist. In the unlikely event that your profitxbt account is compromised, unauthorized users will not be able to withdraw digital assets to a different address.

New withdrawal address

Follow these simple steps to whitelist your wallet address:

  • Go to the Account section and select the Withdraw menu.
  • Click the "Destination address" dropdown menu. Then, click "Add a new address."
  • In the pop-up window, fill in the label and the Bitcoin address you want to use for withdrawals. Click "Add" to proceed.
  • You will receive an email in your inbox. Click the confirmation link to whitelist the address. Please note that the link is only active for an hour.
  • The confirmed BTC address will be added to the whitelist, and fund withdrawals will only be possible to that specific address.

The next time you access your account or withdraw funds, you will be asked to provide a code from Google Authenticator.

Please note that to disable your 2FA, you will need to contact our support at support@help.profitxbt.com. This procedure may take up to 5 business days.

For all questions, security issues or product related inquiries please contact us at support@help.profitxbt.com