Your Security is Our Top Priority

We implement industry-leading security measures to protect your data and assets. Learn about our comprehensive approach to security.

Our Security Measures

Encryption

All data transmitted between your device and our servers is encrypted using industry-standard TLS/SSL protocols. Sensitive data at rest is encrypted using AES-256 encryption.

Authentication

We implement multi-factor authentication (MFA) to add an extra layer of security to your account. We also use secure password hashing and regular session timeouts.

Infrastructure

Our infrastructure is hosted on secure cloud providers with SOC 2 compliance. We implement network segmentation, firewalls, and intrusion detection systems.

Secure Development

Our development team follows secure coding practices and conducts regular code reviews. We use automated tools to identify potential security vulnerabilities.

Bug Bounty

We maintain a bug bounty program to encourage responsible disclosure of security vulnerabilities by security researchers and ethical hackers.

Regular Audits

We conduct regular security audits and penetration testing by independent third-party security firms to identify and address potential vulnerabilities.

How We Protect Your Assets

Cold Storage

The majority of user funds are stored in cold wallets that are not connected to the internet, making them immune to online hacking attempts. Only a small portion of funds needed for liquidity are kept in hot wallets.

Our cold storage solution uses multi-signature technology, requiring multiple authorized signers to approve any withdrawal. This prevents a single point of failure or compromise.

API Security

When you connect our platform to exchanges via API keys, we implement strict security measures:

  • We recommend using API keys with trading permissions only (no withdrawal permissions)
  • API keys are encrypted in transit and at rest
  • We implement IP whitelisting when supported by exchanges
  • Regular automated monitoring for suspicious activity

Insurance Coverage

We maintain insurance coverage for digital assets held in our custody. This provides an additional layer of protection against certain types of losses, including security breaches, employee theft, and more.

Security Best Practices

While we implement robust security measures, we recommend following these best practices to enhance your security:

Enable Multi-Factor Authentication

Always enable MFA on your Xodis account and any connected exchange accounts. This adds an essential layer of protection beyond just your password.

Use Strong, Unique Passwords

Create strong, unique passwords for your Xodis account and never reuse them across different services. Consider using a password manager.

Be Cautious of Phishing

Always verify the URL before logging in. Xodis will never ask for your password via email or messaging platforms. Be wary of impersonation attempts.

Keep Software Updated

Ensure your devices, browsers, and apps are always updated with the latest security patches to protect against known vulnerabilities.

Regularly Review Activity

Regularly check your account activity and trading history. Report any suspicious activity to our support team immediately.

Report a Vulnerability

We appreciate the work of security researchers in improving the security of our platform. If you've discovered a security vulnerability, please report it to us responsibly.

Contact Our Security Team