Security First

FinnsCon Limited end-to-end security design, globally distributed infrastructure, and business-focused security innovation capabilities ensure the security and reliability of users' assets.

Your investments
are safe

Insured Capital

Always Offline
1. Private keys generated and stored in HSM
2.FIPS 140-2 Level 3+ HSM
3. Private key plaintext not visible to staff
Global Deployment
1. Multi-signature mechanism among data centers
2. Data centers distributed across three continents in politically stable countrie
High Standards
1. Deployed in bank vault-level secure data centers
2. Strictly follow ISO27001 and S-SDLC
3. Heterogeneous design of data center devices

Key Security
Measures

    Optional Two-Factor authentication

  • All accounts have optional two-factor verification when logging in
  • Google Authenticator also available
  • All key operations require second verification

    High-level encryption measures

  • Website traffic runs entirely over https
  • High-level encryption algorithms used to store sensitive information

    Fine-grained authentication mechanism

  • A fine-grained permission design, strict access authentication measures for each interface, and strict isolation between different roles and users
  • Transfer whitelist mechanism

Certificate Of Insurance

The subject of insurance is the financial interests of Finnsocn and its investors related to possible losses incurred in connection with one of the following random events:

  • Fraudulent operations inside company
  • Providing fraud / fake information for investors
  • War, civil unrest, mass disorder in the country of investment
  • Closing of Finnsocn
  • Crash in the cryptocurrency markets
  • Closing of the stock exchange
  • Cryptocurrency outlawing
  • The company founder is arrested

Multi-dimensional
Security Assurance

    Governance

  • 'Security first' is part of our company's culture, embedded in all aspects of our activities, including surveys of personnel during recruitment, training content for new employees, and customized security requirements for different positions
  • All company employees are required to abide by the security red-line and have established a corresponding reward and punishment system

    Progress

  • The S-SDLC security development process is fully implemented to ensure security is integrated into the product development process, and ensure security is the basic quality attribute of products
  • Refer to IPDRR architecture, monitor the security status of products and services in real time and respond in a timely manner
  • Conduct regular penetration testing activities

    Technology

  • Adopt and deploy a large number of industry-leading security products and tools
  • Developed detailed security design, secure coding, security testing, and security operation and maintenance specifications
  • There are more than 100 rules in place to drive for security best practices