Custody of crypto assets
GOin uses Fireblocks’ technology to secure your crypto assets. Fireblocks is a leading provider of crypto asset custody solutions, renowned for its robustness and reliability.
Fireblocks holds SOC 2 Type II certification and undergoes frequent penetration testing conducted by ComSec and NCC Group. It’s also certified by the International Standard Organization regarding security (ISO 27001), cloud (ISO 27017) and privacy (ISO 27018).
Fireblocks’ digital vaults are based on the MPC-CMP (Multi-Party Computation-Cryptographic Multi-Party) protocol.
MPC-CMP is a revolutionary approach to cryptography that secures transactions and the custody of crypto assets by distributing cryptographic keys among multiple parties. Instead of relying on a single private key, MPC-CMP divides the information needed to validate a transaction between several independent entities. No single party has enough information to act alone, eliminating a single point of failure.
The benefits of MPC-CMP are:
- enhanced security. By distributing cryptographic keys, the risk of theft or loss of assets is significantly reduced. Even if some of the keys are compromised, your assets remain protected.
- flexibility and control. This technology allows flexible implementation of security policies (e.g., board quorum) without compromising security.
- operational efficiency. MPC-CMP reduces the complexity and time required to perform secure transactions, improving operational efficiency while maintaining a high level of security.
By integrating Fireblocks’ MPC-CMP into its infrastructure, GOin ensures state-of-the-art security for the custody and management of your crypto assets. Only the crypto assets necessary for trading operations are transferred to marketplaces.
This advanced technology, in addition to our compliance with ISO 27002:2022 and independent audits, underscores our commitment to providing a secure investment environment.
Comprehensive security program compliant with ISO 27002:2022
The ISO/IEC 27002 standard is an international standard that provides guidelines for information security practices. It is part of the ISO/IEC 27000 family of standards, developed to help organizations secure their information and manage information security risks.
GOin has implemented the recommendations and best practices in information security management organized in different domains, such as asset management, access control, cryptography, physical and environmental security, operations and communications management, system acquisition, development, and maintenance, information security incident management, business continuity, and compliance.
Our Security Assurance Plan is available to our customers and partners upon request.
Secure infrastructure
GOin’s infrastructure is hosted by AWS, the world leader in cloud computing, in data centers located in France and Germany. AWS maintains a list of reports, certifications, and third-party assessments to ensure best security practices. For more information on AWS compliance, please visit its compliance program.
The data centers themselves are secure by a variety of physical controls to prevent unauthorized access. More information on AWS data centers and their security controls can be found on its dedicated page.
GOin’s technical teams follow best practices in terms of AWS architecture and configuration. Our infrastructure has been audited by independent PASSI-accredited third-party auditors.
Data protection
Data in transit and at rest is systematically encrypted, guaranteeing its confidentiality and integrity during transfer. In addition, mutual authentication is required, whenever technically possible, to allow data decryption, thus strengthening protection against unauthorized interceptions.
GOin implements rigorous logging to ensure the traceability of actions performed by its teams and clients. Logs include detailed information on actions performed, security events, transactions, and changes made to systems and data.
The collection and retention of logs allow GOin to monitor activities, detect anomalies or intrusion attempts and facilitate investigations in the event of a security incident.
For more informations about your data protection, please find our privacy policy.