Pillars of Our Security
Protecting against external threats
Eliminating human error
Preventing insider access risk
Key Aspects of Our Approach
Multi-party Computing (MPC) technology
User configurable transaction policies
MPC powered digital asset Warm wallets
Keyless, distributed, and secure digital asset custody
Key shares can be held by Parfin and/or by customers
Multi-cloud setup for added security
Audited architecture and infrastructure
Infrastructure
All user data is fully encrypted, passwords are hashed and salted
We use HSMs that have achieved FIPS 140-2 Level 2 rating or higher
All of our website data is transmitted over encrypted Transport Layer Security (TLS)
connections (i.e., HTTPS)
All API keys are stored in encrypted virtual HMAC wallets
As an additional layer of security all sensitive data are also encrypted by HSM
Platform Security Features
Mandatory 2FA for all user accounts when logging in and performing sensitive actions
Customisable authorisation engine to ensure transaction initiator and approver are separate
Mandatory Whitelisting of addresses with 24 hour delayed approvals
Multiple user roles with varying levels of access and control
Process Security
SOC2 Type II Certified gold standard for security assessment in financial markets
Comprehensive insurance policies
Regular Penetration Testing
We partner with enterprise vendors to mitigate against distributed denial-of-service (DDoS) attacks
Policies and procedures to enforce security and data privacy
All software improvements require rigorous testing and approval from the Parfin executive team
24/7 system and security monitoring with specialist incident response