Wirex takes account security seriously. This article will guide you through the multiple layers of bitcoin security we use. We will also provide recommendations for optimal digital security.
Q: What is the percentage of cold storage for funds deposited with Wirex? How does Wirex guarantee bitcoin security on my accounts?
A: Wirex does not keep any customer bitcoins in storage. Instead, every user has their own multi-signature wallets (also called ‘multi-sig’ wallets). We do not use ‘hot’ wallets — where user funds are kept in one big wallet and made transferable by single transactions — as is commonly practiced on other bitcoin exchanges.
Each of our customers’ multi-sig wallets comes with a unique set of private keys encrypted with a strong password. The backup key is stored offline. We use micro service architecture, where every service has its own set of access rights and is responsible for completing one operation. Every wallet operation is restricted by IP and can be completed only through the Wirex micro service. Micro service architecture eliminates single points of failure and makes it is almost impossible for an attacker to get full control of user wallets.
Wirex works closely with BitGo to achieve blockchain security. Our process includes a regular audit of wallet infrastructure and sophisticated analysis tools that detect unusual behaviour. Our system immediately flags suspicious activities, such as larger than usual withdrawals or a strangely high number of wallet operations in a short time frame.
We use additional layers of security for customers’ Wirex accounts, including 2-factor authentication (2FA) during account login (activate 2FA under ‘settings’), phone verification and email confirmations before every transfer.
Wirex also uses 256-bit SSL (Secure Sockets Layer) for all communications between server and web browser, completely eliminating the possibility of man-in-the-middle attacks. SSL is standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between server and browser remain private and integral.
For account inquiries, we only entertain requests made from Wirex-linked email addresses.
TL;DR — We don’t keep customers’ bitcoins. Customers secure their own bitcoins in multi-sig wallets. Our wallets are almost impossible to hack and they detect unusual activities. We use SSL. Additional layers of security guard account logins and fund transfers.
Q: What should I do to ensure my money is safe?
A: We advise the following:
Use a strong password for your Wirex account and email address. Never use your name, birthdate, personal information, or a common password. Instead, use a password generator to create hard-to-crack passwords, and use a range of characters, symbols, and numbers. Keep the password safe, or use a password manager. Here is a list of the best free password managers.
Activate 2-factor authentication. Read this tutorial on how to enable 2-factor authentication on your account.
Q: How does Wirex ensure the funds on my card are safe?
A: Wirex operates with ‘card proxies’, which means that all data is kept with the bank partner. None of our employees has access to card information, including card numbers, expiry dates or CVV codes.
Wirex plastic cards are also chip-and-PIN cards, in line with advances in card technology and security. Keep your PIN secure. If you believe your card has been compromised, or if it was stolen, you can immediately block the card from your desktop or Wirex app.
For other questions about bitcoin security and your Wirex account, please feel free to tweet to us at @wirexapp.