Join Waitlist

Security Policy

Last Updated: January 26, 2026 | CPA Compliant

Our Commitment to Security

At iCloser, security is at the core of everything we do. We employ industry-leading security measures to protect your personal information, financial data, and digital assets. Our security infrastructure is designed to meet the highest standards of the financial services industry.

Security Certifications

πŸ›‘οΈ SOC 2 Type II

Certified for security, availability, processing integrity, confidentiality, and privacy.

πŸ” ISO 27001

Information security management system certification.

πŸ’³ PCI DSS

Payment Card Industry Data Security Standard compliance.

🌐 GDPR Compliant

Full compliance with EU data protection regulations.

Audit certificates are available upon request for verification purposes.

Data Encryption

Data at Rest

All sensitive data stored in our systems is encrypted using AES-256 encryption, one of the strongest encryption standards available.

Data in Transit

All communications between your device and our servers are protected using TLS 1.3 encryption, ensuring your data cannot be intercepted during transmission.

Key Management

We use hardware security modules (HSMs) for secure key generation, storage, and management. Keys are rotated regularly according to industry best practices.

Authentication & Access Control

  • Multi-Factor Authentication (MFA): Required for all account access and sensitive operations
  • Biometric Authentication: Support for fingerprint and facial recognition
  • Session Management: Automatic session timeout and device tracking
  • Role-Based Access Control: Strict access controls based on the principle of least privilege
  • IP Whitelisting: Optional IP restriction for enhanced security

Asset Security

Cryptocurrency Storage

  • Cold Storage: Majority of digital assets stored in offline cold wallets
  • Multi-Signature Wallets: Critical transactions require multiple approvals
  • Hardware Security Modules (HSM): Private keys protected by enterprise-grade HSMs
  • Insurance Coverage: Digital assets protected by comprehensive insurance policies

Transaction Security

  • Real-time fraud detection and prevention
  • Transaction monitoring and anomaly detection
  • Withdrawal whitelisting and time-lock features
  • Address verification and confirmation requirements

Infrastructure Security

  • Cloud Security: Hosted on enterprise-grade cloud infrastructure with multiple availability zones
  • DDoS Protection: Advanced protection against distributed denial-of-service attacks
  • Web Application Firewall: Protection against common web vulnerabilities
  • Intrusion Detection: 24/7 monitoring for suspicious activities
  • Regular Backups: Automated encrypted backups with geographic redundancy

Security Testing

We maintain a rigorous security testing program:

  • Penetration Testing: Regular third-party penetration tests
  • Vulnerability Scanning: Continuous automated vulnerability assessments
  • Code Reviews: Security-focused code reviews for all changes
  • Bug Bounty Program: Responsible disclosure program for security researchers

Incident Response

We have a comprehensive incident response plan that includes:

  • 24/7 security operations center monitoring
  • Defined escalation procedures
  • Rapid response and containment protocols
  • Customer notification procedures in compliance with applicable laws
  • Post-incident analysis and remediation

Colorado Data Breach Notification

In compliance with Colorado's data breach notification law (C.R.S. Β§ 6-1-716), we will notify affected Colorado residents within 30 days of discovering a security breach involving personal information. Notification will include:

  • Date or estimated date of the breach
  • Description of the personal information involved
  • Contact information for the Colorado Attorney General
  • Steps you can take to protect yourself

Your Security Responsibilities

While we implement robust security measures, you also play a crucial role in protecting your account:

  • Use a strong, unique password for your iCloser account
  • Enable multi-factor authentication
  • Never share your login credentials or verification codes
  • Keep your devices and software up to date
  • Be vigilant against phishing attempts
  • Report any suspicious activity immediately

Report Security Issues

If you discover a security vulnerability or have security concerns, please contact our security team:

Technical Support: bokang@icloser.xyz

General Inquiries: jimlai@icloser.xyz

We take all security reports seriously and will respond promptly to investigate and address any issues.