Security

We have a deep commitment to protecting our users from potential security risks. We adopt industry best practices and strategies in cybersecurity to ensure our users and assets are kept secure. We collaborate with reputable and trusted security professionals and tap on our community to constantly improve the Sparrow platform.

A Layered Security Architecture

We designed our system security based on a layered-security approach maintaining the appropriate security measures and procedures at five different levels within the system architecture:

checklist

Perimeter defence with firewalls to separate public internet from private demilitarized zones (DMZ).

checklist

Data protections including IP Whitelisting, Kerberos authentication and AES data encryption.

checklist

Networks isolation using private network subnets, IPS and access authentication control to separate application communications.

checklist

Application-level security including application based authentication, SQL injection and XSS vulnerability prevention.

checklist

Host level protection includes host based IDS, Virtual Applicances and Anti-malware protections.

Secure Asset Custody

We have partnered with BitGo, a world-class custodian, to store all the platform’s digital assets, to provide a safe and secure trading experience.

Security Audit

We regularly conduct internal and external audits, working with credible security audit firms to provide the best possible security and infrastructure to our users. As part of our commitment to security, we have successfully completed comprehensive security audits from leading cybersecurity firms Horangi and CertiK.

KYC / AML / CFT Screening

All users on Sparrow will have to undergo KYC/AML/CFT screening.

Compliance

In order to create a safe and conducive trading environment, we implemented a robust compliance framework to prevent money laundering and financing of terrorism.

Policies and Process

We have implemented Anti-Money Laundering and Countering Financing of Terrorism (AML/CFT) policies and processes which are reviewed regularly to ensure relevancy in today’s dynamic business environment.

Customer Due Diligence

All users are required to pass the Customer Due Diligence process. This is part of our commitment to detect and deter suspicious activity, prevent money laundering (ML), financing of terrorism (FT) and fraud.

CommunitySECURE Bounty Program

We will reward contributors who report bugs and security issues for making Sparrow safer for everyone. Please contact us at [email protected] for more details.