Cryptocurrency Security Standard (CCSS) defines a set of requirements for information systems utilizing cryptography. It involves crypto exchanges, web applications and blockchain-based storage solutions.
This standard aims to protect cryptocurrency related data from unauthorized access, loss of sensitive data and data breaches. Currently, CCSS is a standard specified for every institution managing crypto wallets as part of their business logic and it considers 10 aspects in security which are categorized in three levels. The company has adjusted its security measures according to this standard to prevent various fraud schemes. It is worth noting that all the users’ assets are stored on “cold storage” in an isolated system of which backups are regularly collected; These backups are stored on a different location, so in case of a total breach to the system or natural causes such as fire and etc., users’ assets will not be exposed to the risks.
ارزیابی امنیتی دورهای
Security Assessment involves stages of periodic tests on platform security and the sections which are exposed to threats. The process applies OWASP and OSSTMM standards. Also, different scenarios are taken into consideration, most of which are related to Cyber Kill Chain attacks.
Iran-Based Servers
All OMPFinex services containing users’ data and notably, financial and users’ digital assets confidential data are fully hosted by domestic servers. Hence, there is no risk to asset freezing or similar issues due to financial sanctions posed on the Iranian citizens.