Configure security settings and access permissions
Coinsbuy readily supports KYC[^1] and AML[^2] procedures, enabling you to verify the identity of your clients and ensure compliance with anti-money laundering regulations.
Other security features include 2FA[^3], robust notifications, and logging systems.
Keep in mind that the security of your accounts is your own responsibility.
Follow best practices to protect your finances
Follow the guidelines below to better protect your account.
Use strong passwords and 2FA
Make sure that you and all of your team members:
Use strong passwords that include uppercase and lowercase letters, numbers, and special symbols.
Use password managers for storing passwords.
Never share passwords with anyone.
Have IP whitelists enabled.
References:
Enable notifications
Add your email as a notification address in the settings of all your wallets to make sure that you will be notified about any transactions. This way, you are able to detect suspicious transactions and intervene as quickly as possible.
References:
Take special care when managing access permissions
Make sure that your users are granted only those permissions that are necessary for completing their tasks. Such permissions include access to wallets and availability of various kinds of transactions.
In particular, you can assign the Withdrawals with approval role to all users, so that no funds withdrawal can be made unless it’s explicitly approved by you.
References:
Enable withdrawal thresholds
Specify thresholds for your wallets to limit the withdrawal amount. Withdrawals with the amounts exceeding the specified values will require the approval of the Owner, regardless of the role of the user who created such payout.
References:
Generate new API credentials after integration is complete
When sharing your API keys with developers, generate new keys and reset IP access to API after the setup is complete.
References:
Take immediate actions if you account security has been compromised
Do the following if you come to suspect that someone has obtained access to your account.
Change your password as soon as possible
Please note that changing the system password may take time.
Note that you must enter a 2FA code to confirm the password change.
References:
Reset access permissions and IP whitelists
Revoke all accesses to your wallets or at least temporarily assign the Read only or Withdrawals with approval role to all users. In this case, any further transactions on these wallets can be made only after your approval.
In addition, restrict access to the Coinsbuy API by removing non-trusted IPs from the whitelists.
References:
Last updated
Was this helpful?