5.2.4 The security of API

CoinFLEX offers both REST and Websocket APIs optimised for ultra-low latency connections with deep security safeguards in place. We offer SSL/TLS connections in order to encrypt the communications between your server and our server. By employing an Elliptic Curve Digital Signature Algorithm (ECDSA) for our users to authorise messages through our API, we eliminate the need for passwords to be sent over the internet or stored in our API servers. In contrast to other major cryptocurrency exchanges, we do not accept withdrawal requests through the API to any address or bank account that was not registered via our website with two-factor authentication enabled. We reduce the risk of our servers being compromised through multiple firewalls and load balancers. However, in the event that one of our API servers is compromised, you can be assured that no customer data is ever held on those servers.

Contents