Security

Clanz is designed from the ground up, with security and safety our number one priority.

We employ multiple strategies to protect customers assets and information, including data encryption, periodic security audits and best practice organisational security.

Infrastructure security

Multi-factor authentication to access internal services.

Internal networks protected by firewalls.

Utilise advanced machine learning techniques to recognise suspicious logins, account takeovers and financial fraud.

Hosted on Amazon Web Services, which offers a secure environment with capabilities of access control, data encryption, monitoring and isolation.

All personally identifiable information is encrypted (in transit and at rest) by physically dispersed keys.

Uploaded documents:

  • Visibly watermarked (all verification documents and support message attachments)
  • Encrypted by physically dispersed keys (all verification documents and support message attachments)
  • All verification documents and support message attachments are only accessible by admins with special permission for KYC verification purposes and are watermarked to protect the document

Full encryption of support chat text messages.

All sensitive rows in the database are hashed and signed on write and verified on retrieval to ensure data integrity.

Secure connections are always enforced when accessing the website or API from any device.

Top tier data centres with geographically dispersed disaster recovery backup servers.

Intrusion detection monitoring for unauthorised system access.

Organisational and operational security

Multi-factor authentication to access internal services.

Segregation of duties and access to application credentials or production servers.

Administrators have tiered access to the system.

Administrator actions relating to any user accounts is audited and requires multi-level approvals.

Administrator action relating to user accounts or value transfer requires multi-level approvals.

Hiring and ongoing employee requirements, candidates must pass criminal background checks before becoming a Clanz employee.

Regular penetration testing is conducted on the system.

Account security

Multiple levels of security for our system including:

  • Location security detection
  • Two-factor authentication
  • Facial recognition
  • Pin number
  • Ability to change username and email address at any time
  • Voice ID (coming soon)

Username can be freely chosen. We encourage users to not use their email address as username to improve security.

Email notifications are sent on each login.

Instant account suspension from email link for unauthorised logins.

Duress password to suspend an account.

Additional security information is requested on login attempts from different IP addresses.

Cryptocurrency and instant withdrawals are blocked for 72 hours after changes to account security details.

SMS notifications on account security detail changes (like email change or password changes).

Cryptocurrency address whitelisting: withdrawals to new addresses require email confirmation.

Browser whitelisting: email confirmation for logins from new browsers.

Bot shield: automatic account protection from brute force attacks.

Optionally PGP signed emails to verify email validity.

Protecting yourself

Clanz support staff will never ask you for your multi-factor authentication code or password. If you receive correspondence from a party requesting this information, whether they claim to be associated with Clanz or not, disregard the message and report it to security@clanz.com

To protect yourself, your account and your funds, consider:

  • Using a strong password
  • Never share details
  • Enable multi-factor authentication
  • Only withdraw to trusted addresses
  • Beware of recovery services
  • Whitelist @clanz.com email and bookmark the clanz.com website address
  • Beware of offers too good to be true

Explore the platform

Clanz logo link to home page
Download the Clanz app on the Apple App Store
Download the Clanz app on the Google Play Store
Subscribe to our newsletter
You're in! Keep an eye on your inbox.
Oops! Something went wrong.

© Clanz 2021, All Rights Reserved. PayFar Pty Ltd, ABN 31 638 408 349, trading as Clanz is a digital currency exchange provider (DCE) registered with the Australian Transaction Reports and Analysis Centre (AUSTRAC). Before engaging in crypto trading and/or using Clanz Follow-Trading features, you should consider your personal objectives, financial situation, and capacity to sustain significant loss. Clanz does not provide any investment advice. Clanz does not warrant the performance, ongoing participation, or profile disclosures of the traders participating as Leaders (traders you can copy). Clanz Follow-Trading is dependent on your decisions to copy certain traders and your consideration of and acceptance of the risk of incurring loss.