Robust security

Security is in our DNA. Our number one priority is to protect you, your money, and your information.

Security is built into our systems and culture.

State-of-the art security

Security is in our DNA. We obsess about it. Our top priority is to protect you, your money, and your information. Uphold is a community. We enforce stringent security standards across our platform – and continually educate our customers on the important role they have to play.

Access and Encryption

We deploy layered defenses to limit the scope and depth of potential attacks, as well as sophisticated encryption.

Auditing & Testing

Security professionals routinely conduct security audits and penetration testing of our systems.

3rd Party Due Diligence

All our providers undergo appropriate due diligence checks. Special attention is paid to integrations incorporating sensitive data.

Personnel Standards

The Coinbidex team are background checked by an accredited vendor. Mandatory security and privacy training is conducted regularly.

24/7 Overwatch

The Uphold Security Operations Centre monitors systems year-round and responds immediately to any detected threat.

Bug Bounty Program

If you've found a security vulnerability in our platform, please report it to us via our public BugBounty program for a reward.
We work with a bug bounty platform called Intigriti. On this platform, you will find our public bug bounty program that is open to all here.

Verify Yourself

Verifying your identity helps to keep your transactions secure.

Strong Password

We maintain strong password requirements. We'll also do email verification if we detect anything untoward. If we detect unusual activity, we'll send you an email to verify it is you.

Enable 2-factor authentication

The Uphold Security Operations Centre monitors systems year-round and responds immediately to any detected threat.

Scams and Phishing

Scams are designed to give bad actors access to your funds. They often involve someone passing as a legitimate contact with whom you do business.

Using Your Device in a Public Place

Never leave your device unattended in a public place while you're logged in, and try to avoid public Wi-Fi. Never access or change your personal information in a public space. Always log out of your Uphold account.

A Secure Connection

Make sure you use a secure internet connection when you access Uphold. Look out for the “https” at the beginning of the website address, as well as the padlock security symbol in the browser frame.

Your Computer

You should install effective antivirus and anti-spy software, as well as turn on a firewall. Always ensure they are running when you use your computer.

Regulatory Compliance & Anti-Money

Laundering (AML) Controls

We implement robust KYC and Anti-Money Laundering controls to underpin our verification and identification processes and to identify suspicious activity. We’re committed to compliance with all applicable laws and regulations in the United States, Europe, and internationally.


Customer, employee, member, business partner, and developer partner identification verification, and ongoing, real-time due diligence.

Full compliance with Office of Foreign Assets Control (OFAC) regulations. Including real-time identification and investigation of unusual activity, and suspicious activity reporting.

Currency transaction reports and other reporting requirements triggered by transaction volumes and specified activity patterns as articulated in the Bank Secrecy Act (BSA).

Compliance with BSA record keeping requirements.

Compliance with lawful requests for information from law enforcement with the authority to make such requests.

The Payment Card Industry Data Security Standard PCI/DSS

PCI/DSS is a set of requirements created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB), designed to ensure that ALL companies that processstore or transmit credit card information maintain a secure environment. Its primary focus is to improve payment account security throughout the transaction process and it is administered and managed by an independent body, the Payment Card Industry Security Standards Council.

Coinbidex is a pioneer in our space when it comes to the security of our consumers: we are one of the first companies working with digital currencies to become certified to PCI/DSS, one of the most stringent security standards in the industry. Being compliant means that we are doing our very best to keep our members’ valuable information secure and out of the hands of people who could use that data in a fraudulent way.