Binance connect. Security. 🔒

Intro

To move funds between Binance and crypto wallet uses API key, which the user creates during connection.
To prevent loss or freezing funds we take a lot of security measures. In this article, will discuss the main of them.

📦 Keys storing

The first level of security is an API key storage. It never transferred to a backend and is only stored on the phone. On iPhones, API key is stored in Apple keychain — safe storage which has never been hacked, even on stolen iPhones.

☑️ White list of addresses

With API key you can transfer money only between Binance and your crypto wallet. If the key is lost but you keep seed phrase safe, an intruder will only be able to transfer money between your accounts, but won’t be able to withdraw it.

📨 Proxy server

All requests to Binance could pass only from one IP address — via HERE proxy server. Requests can’t be changed as they are signed with a secret API key which is stored locally on the phone.

However, as the requests can come only from one IP address, we can skip a request if it looks suspicious to us. Our proxy server monitors daily limits and does not let suspicious transactions through.

👨‍💻 Team

HERE is a US company that is subject to regulation. Any breach of the user agreement or exposure of user funds will result in serious consequences for the team. We are reassured on all counts and designed the product so as not to touch users’ money in any way. All updates are reviewed by our CTO and we go through security audits as the project evolves.

This is only part of the security measures we take, but the most important thing you can do is to keep the seed phrase safe. We take care of the rest 🤝