Clanz is designed from the ground up, with security and safety our number one priority.

We employ multiple strategies to protect customers assets and information, including data encryption, periodic security audits and best practice organisational security.

Infrastructure security

Multi-factor authentication to access internal services.

Internal networks protected by firewalls.

Utilise advanced machine learning techniques to recognise suspicious logins, account takeovers and financial fraud.

Hosted on Amazon Web Services, which offers a secure environment with capabilities of access control, data encryption, monitoring and isolation.

All personally identifiable information is encrypted (in transit and at rest) by physically dispersed keys.

Uploaded documents:

  • Visibly watermarked (all verification documents and support message attachments)
  • Encrypted by physically dispersed keys (all verification documents and support message attachments)
  • All verification documents and support message attachments are only accessible by admins with special permission for KYC verification purposes and are watermarked to protect the document

Full encryption of support chat text messages.

All sensitive rows in the database are hashed and signed on write and verified on retrieval to ensure data integrity.

Secure connections are always enforced when accessing the website or API from any device.

Top tier data centres with geographically dispersed disaster recovery backup servers.

Intrusion detection monitoring for unauthorised system access.

Organisational and operational security

Multi-factor authentication to access internal services.

Segregation of duties and access to application credentials or production servers.

Administrators have tiered access to the system.

Administrator actions relating to any user accounts is audited and requires multi-level approvals.

Administrator action relating to user accounts or value transfer requires multi-level approvals.

Hiring and ongoing employee requirements, candidates must pass criminal background checks before becoming a Clanz employee.

Regular penetration testing is conducted on the system.

Account security

Multiple levels of security for our system including:

  • Location security detection
  • Two-factor authentication
  • Facial recognition
  • Pin number
  • Ability to change username and email address at any time
  • Voice ID (coming soon)

Username can be freely chosen. We encourage users to not use their email address as username to improve security.

Email notifications are sent on each login.

Instant account suspension from email link for unauthorised logins.

Duress password to suspend an account.

Additional security information is requested on login attempts from different IP addresses.

Cryptocurrency and instant withdrawals are blocked for 72 hours after changes to account security details.

SMS notifications on account security detail changes (like email change or password changes).

Cryptocurrency address whitelisting: withdrawals to new addresses require email confirmation.

Browser whitelisting: email confirmation for logins from new browsers.

Bot shield: automatic account protection from brute force attacks.

Optionally PGP signed emails to verify email validity.

Protecting yourself

Clanz support staff will never ask you for your multi-factor authentication code or password. If you receive correspondence from a party requesting this information, whether they claim to be associated with Clanz or not, disregard the message and report it to

To protect yourself, your account and your funds, consider:

  • Using a strong password
  • Never share details
  • Enable multi-factor authentication
  • Only withdraw to trusted addresses
  • Beware of recovery services
  • Whitelist email and bookmark the website address
  • Beware of offers too good to be true

Explore the platform

Clanz Logo