Yes, your Wirex account is secure.
The security of our user's funds is our top priority. We have built a secure and trustworthy platform employing the latest security technology in the blockchain and financial industry. Here are some of the main features:
- SSL. Wirex uses 256-bit SSL for all communications between server and web browser, which completely eliminates the possibility of "man in the middle attack". SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
- Confirmation through email address. Your Wirex account is linked to your mailbox. Any card-related information or fund-sensitive confirmation emails will be sent to your email address. Therefore, if a hacker manages to access your Wirex account, they will only be able to perform a limited number of actions, none of which includes sending your funds outside of your Wirex account. We strongly recommend you have different passwords for your Wirex account and Wirex-linked mailbox.
- Enhanced security / Two-Factor Authentication (2FA). 2FA is an extra layer of security that requires not only a password and username but also something that only that user and no one else has on them, i.e. a piece of information only they should know or have immediately at hand - such as a physical token. Read our Help Centre article about 2-factor authentication for more details. To make your account more secure, we recommend that you enable 2FA for both for your Wirex account and your Wirex-linked email account.
- Multi-signature technology. All accounts in our system are protected by BitGo's multi-signature technology. This technology makes it impossible to transfer funds without the transaction being signed by all parties involved. Every Wirex user has their own 2-3 multi-sig bitcoin account with a unique set of private keys (every key is encrypted with a strong password and backup key is stored completely offline); we work closely with BitGo, the world leader in blockchain security, to ensure that funds are kept securely and our account infrastructure is audited on regular basis. Read more about multisig security here.
- Microservice architecture. Wirex employs microservice architecture, where every service has its own set of access rights and is responsible for one operation. Every account operation is restricted by IP and can only be done by the Wirex microservice. Microservice architecture eliminates the single point of failure and makes it almost impossible for an attacker to get full control of a user's account.
- Policies. Wirex's sophisticated account policies and analysis tools can easily detect unusual behaviour e.g. withdrawal of big amounts, many account operations happening during a short time frame, etc...
- No access to your card details. Wirex doesn't keep any payment card numbers, expiry dates or CVV codes. Instead, Wirex operates with card proxies, which means that all data is kept securely and no Wirex employees have access to it.
- Support awareness. We take your security very seriously, so we perform thorough verification when we receive requests to disable two-factor authentication, change of email address or any changes to the account. Account related requests can only be addressed by our Support Team if initiated from your Wirex-linked email address.