Quad Terminal

We take your online security seriously, every moment of every day. We offer and maintain numerous security measures to keep your accounts secure and protected from unauthorized access.

Our product integrations are thoroughly and regularly tested prior to roll out. As standard practice, our top industry-testing processes ensure total compliance with reliability standards.

Platform offers two-factor authentication on all user accounts.

Strong passwords are required for every user account.

All sensitive user information is encrypted both in transit and at rest. We use AWS, who has a proven track record for physical security and internal controls. More information can be found <a href="https://aws.amazon.com/security/" rel="nofollow noopener noreferrer" target="_blank">here</a>. 

User passwords are stored encrypted using Bcrypt as per industry standards.

Exchange API keys are stored encrypted using Bcrypt as per industry standards and only decrypted when syncing account information or when the user performs actions against their linked accounts.

We use world-class standards to shield user data from unauthorized intrusion. It is always protected with multiple layers of encryption (256-bit encryption over the network). All website data is transmitted over encrypted Transport Layer Security (“TLS”) connections (i.e., HTTPS).

We leverage the content-security policy (“CSP”) and HTTP Strict Transport Security (“HSTS”) features in modern browsers.

We use Amazon Web Services to mitigate potential distributed denial-of-service (“DDoS”) attacks and use AWS WAF to mitigate any attacks on applications for defense in depth.

Rate limits and <a href="https://www.google.com/recaptcha" rel="nofollow noopener noreferrer" target="_blank">ReCaptcha</a> are in place to thwart brute-force and automated scripting attacks.

Admin panels are not exposed to the public and only a few authorized managers have access to it.

We conduct routine pen-testing of applications and infrastructure as per OWASP top 10 standard and compliance to these standards is tested before each and every code deployment to ensure production code is vulnerability free.

- Platform offers two-factor authentication on all user accounts.
- Strong passwords are required for every user account.
- All sensitive user information is encrypted both in transit and at rest. We use AWS, who has a proven track record for physical security and internal controls. More information can be found <a href="https://aws.amazon.com/security/" rel="nofollow noopener noreferrer" target="_blank">here</a>. 
- User passwords are stored encrypted using Bcrypt as per industry standards.
- Exchange API keys are stored encrypted using Bcrypt as per industry standards and only decrypted when syncing account information or when the user performs actions against their linked accounts.
- We use world-class standards to shield user data from unauthorized intrusion. It is always protected with multiple layers of encryption (256-bit encryption over the network). All website data is transmitted over encrypted Transport Layer Security (“TLS”) connections (i.e., HTTPS).
- We leverage the content-security policy (“CSP”) and HTTP Strict Transport Security (“HSTS”) features in modern browsers.
- We use Amazon Web Services to mitigate potential distributed denial-of-service (“DDoS”) attacks and use AWS WAF to mitigate any attacks on applications for defense in depth.
- Rate limits and <a href="https://www.google.com/recaptcha" rel="nofollow noopener noreferrer" target="_blank">ReCaptcha</a> are in place to thwart brute-force and automated scripting attacks.
- Admin panels are not exposed to the public and only a few authorized managers have access to it.
- We conduct routine pen-testing of applications and infrastructure as per OWASP top 10 standard and compliance to these standards is tested before each and every code deployment to ensure production code is vulnerability free.

Further, we ask users not to reuse their password on other sites and generate exchange API keys with limited permissions granting our systems only the access required by the user.

<a href="https://support.quadency.com/en/articles/2281148-what-is-2fa" rel="nofollow noopener noreferrer" target="_blank">What is 2FA</a>?

<a href="https://support.quadency.com/en/articles/5758577-do-you-store-my-identity-verification-info" rel="nofollow noopener noreferrer" target="_blank">Do you store my identity verification info?</a>

- <a href="https://support.quadency.com/en/articles/2281148-what-is-2fa" rel="nofollow noopener noreferrer" target="_blank">What is 2FA</a>?
- <a href="https://support.quadency.com/en/articles/5758577-do-you-store-my-identity-verification-info" rel="nofollow noopener noreferrer" target="_blank">Do you store my identity verification info?</a>

Overview

Details

You might be interested in