When you deposit money into your Cyphalet wallet, you're trusting us with something that matters. We take that seriously โ and we want to be completely transparent about exactly how we protect your funds and personal data.
This article pulls back the curtain on Cyphalet's security architecture: what we've built, why we built it, and what you can do on your end to stay safe.
Our Security Stack
End-to-End Encryption
All data transmitted between your browser and our servers is encrypted using TLS 1.3 โ the same standard used by major global banks. Data at rest is also encrypted using AES-256.
Regulated Banking Partners
Your funds are held with CBN-regulated banking partners โ not on Cyphalet's own balance sheet. This means your money is protected by the same deposit frameworks as a traditional bank.
24/7 Fraud Monitoring
Every transaction is analysed in real time by our fraud detection system. Unusual patterns โ like login from a new device or an unexpected large transfer โ trigger automatic alerts and holds.
KYC Verification
Every Cyphalet account goes through identity verification before transactions are permitted. This protects all users by ensuring only legitimate, verified individuals access the platform.
Session Management
Inactive sessions are automatically terminated after a set period. This protects your account if you forget to log out on a shared or lost device.
Regular Security Audits
Our platform undergoes periodic security assessments and penetration testing by independent third-party security firms. Findings are remediated promptly.
How We Handle Your Personal Data
We collect only what we need to operate our service and comply with regulations. We never sell your data, share it with advertisers, or use it for purposes beyond what's described in our Privacy Policy.
Your identity documents (uploaded during KYC) are stored securely and retained only for the minimum period required by AML/KYC regulations. After that, they are permanently deleted.
What You Can Do to Stay Safe
Security is a shared responsibility. Here are the most important steps you can take to protect your Cyphalet account:
Use a strong, unique password. Don't reuse passwords from other sites. A password manager makes this easy.
Never share your login credentials with anyone โ including people claiming to be Cyphalet support. We will never ask for your password.
Log out after using shared devices. Always end your session when using a public or shared computer or phone.
Watch for phishing attempts. Cyphalet will only contact you from official @cyphalet.xyz email addresses. Be suspicious of unsolicited messages asking for your details.
Report suspicious activity immediately. If you notice anything unusual in your account, contact us right away via the Contact page.
If Something Goes Wrong
Despite best efforts, no system is 100% immune. If you ever suspect your Cyphalet account has been compromised:
- Change your password immediately via the login page
- Contact our support team through the Contact page right away
- Do not attempt further transactions until the issue is resolved
Our team is available to respond quickly and will freeze your account if necessary while an investigation is conducted.
๐ Our commitment: Security is not a feature at Cyphalet โ it's a foundation. Every product decision we make is evaluated through a security lens first.