Cryptocurrency Security

Military Grade Security


At Overbit, we take cryptocurrency security very seriously. We have a dedicated and geographically distributed team monitoring and auditing our trading systems and transactions 24/7. We do not disclose details of our security team and you will not find them being mentioned on social media websites. We have also outlined some important security features below that are part of the Overbit system.

Client Asset Security

100% multi-signature cold wallet

All client deposits are stored offline, in multi-signature, geographically distributed, cold storage. Access to the wallets is controlled by individuals located around the world. No crypto is stored in any Overbit office. We take no chances with our client funds.

Wallet audits

Overbit conducts a real-time audit for each transaction that takes place – and checks and balance audits on all client wallets and trades. Each client has access to their own ledger.

Transactional risk assessment

We have partnered with CipherTrace to identify high-risk wallets and exchanges where we might receive a deposit from or required to send funds to. We take a carefully measured approach to this and may halt transactions to wallets that are flagged up as risky. To safely protect your funds, we may ask for more information.

Email confirmations for deposits and withdrawals

Each time a deposit or withdrawal is made, you will receive an email confirmation. For withdrawals, you will receive an email that requires confirmation within 10 minutes or the withdrawal expires. Each withdrawal is manually checked and if we are not satisfied it is you, we might contact you in other means to confirm you made a withdrawal.

We do not lend your crypto

We do not lend client assets. We keep 100% reserves of all client assets at all times. Any client can withdraw all of their funds at any time.

Enterprise and data security

PGP emails

Choose how you wish to communicate with Overbit. For transaction related e-mails, clients have the option of using PGP (coming soon).

No third party internal applications

All Overbit technology is proprietary to Overbit. We do not use 3rd party applications for any core functions such as trading. No third party has access to our internal systems.

MFA as a policy

MFA (Multi-Factor Authentication) is in our DNA. It is deployed across the enterprise. Our employees use MFA across all access points, particularly where they need access to privileged commands.

Code reviews

We employ a layered security approach to deploying code updates. All code is reviewed by at least two other engineers before it is deployed.

System security

2FA security

Use Google Authenticator or Authy or your favourite authenticator app to access the Overbit platform.

Data encryption

Overbit employs Encryption of Data at Rest and Encryption of Data in Transit. Access is strictly monitored and audited.

SSL encryption

All communication through our website, trader, API and apps is encrypted with SSL.

Bug bounty

Overbit has a bug bounty program and pays out different levels of rewards for genuine security flaws found by the community. When vulnerabilities are reported, we take immediate action.

Physical security

We use geographically distributed data centers protected by 24 hours of surveillance and armed guards.

Penetration testing

We use third party white hacking services to look for flaws in our system and try and penetrate it. Where we find vulnerabilities, we take immediate action.

Earn up to $120 USD
when you join Overbit

Discover the Overbit Rewards Hub, Earn Bitcoin when you join Overbit and even more when you refer friends.