SMART VALOR Security Principles

Modified on: Monday, December 12, 2022

How does SMART VALOR maintain security of assets?

To provide security for the platform assets and for the user accounts, SMART VALOR has decided to deploy significant efforts in order to build its own secure custody solution. This will ensure its development on strong roots instead of starting from the ground, notably relying on several top security technology providers.

 

SMART VALOR has jointly announced in 2018 a partnership with Ledger for the establishment of an enterprise-grade custody solution for digital assets. After selling more than one million Nano S hardware wallets for digital assets, Ledger has created an early access program for Ledger Vault. This new program provides asset security through, in particular, Hardware Security Modules (HSMs) and secure authentication of the operators to the HSMs.

 

SMART VALOR has specifically integrated different layers of wallets (warm or cold) with active monitoring of the transactions between different layers, and tailored security policies, including multiple approval processes, to ensure a good trade-off between efficiency/availability and hardware-based security for the funds.

How secure is my personal information?

SMART VALOR values the security, privacy and protection of our user data very seriously. Towards this goal, we made taken the following measures:


 

  • We comply with the GDPR regulations. 
  • The summary of all the data collected and processed by SMART VALOR and its processors can be found here: https://www.iubenda.com/privacy-policy/52289256
     
  • Our detailed privacy policy can be found here: https://www.iubenda.com/privacy-policy/52289256/legal
     
  • All personal data is stored in encrypted databases, not accessible from the public Internet.
  • Communication of your computer to our server is encrypted using only the most secure encryption protocols. Therefore, no one can intercept your data in transit.
  • Personal data is never displayed to other users of the service.
  • Some parts of the personal data are transferred to third-party providers. We have selected these providers carefully and require them to comply with the highest possible industry standards and legal obligations. All third-party providers are listed in https://www.iubenda.com/privacy-policy/52289256
     
  • We monitor the security of the systems and perform regular security testing to ensure that your data is secure. We cooperate with the best security testers in the world (bug bounty) to be always one step ahead of attackers.

What is SMART VALOR's security strategy?

Security and, when needed, the privacy of blockchain technologies is a topic that is constantly being studied and improved upon. While SMART VALOR relies on existing solutions, the team is also continuously monitoring new developments, with a view to implementing more reliable technologies as they evolve in order to rigorously eliminate security risks.

 

Through overall software security, organization and risk management and by following other classical best practices, SMART VALOR is fully aligned with managing blockchain technology and digital assets as a complete system. We also implement more specific measures dedicated to its context, in particular security of wallets and secure custody.

 

Secure custody, wallet security, system security, smart contract security, strong authentication, and blockchain security are the major elements of our security strategy. Smart contract security is, in particular, covered by security audits (internal and external), reuse of existing building blocks, the release of code for community review, early deployment on testnets, and formal specification up to formal validation when possible.

 

In addition, SMART VALOR actively participates in the establishment of the future security and privacy standards of the blockchain/cryptocurrency / crypto exchanges industry.

Anti-phishing code

What is an Anti-Phishing code?

 

Anti-Phishing code refers to a security feature SMART VALOR and many other platforms offer to increase account security and increase customer trust. This is a code, that is randomly generated for you, or you can set it yourself, which is added at the top of all emails sent to you by us. All official emails from SMART VALOR will include this code to verify the legitimacy of the email.

 

Why is an Anti-phishing code important?

 

Without this code, you will have a harder time distinguishing legitimate emails from SMART VALOR, from those sent to you by fraudulent actors attempting to compromise your account.

 

What even is phishing?

 

Phishing is a type of social engineering where the attacker pretends to be a reputable organization, company, or service provider. This is done in an attempt to receive sensitive information, compromise account or service access, or install malicious software on a device. In the context of digital asset exchanges such as SMART VALOR, this type of attack is most often used in an attempt to steal login information and account access. Most often the goal is obtaining your funds, but can also be gaining additional access to your other accounts.

 

For more information on the topic, you can check this: Phishing.org

 

Feel free to also check out our Security section for more tips on how to secure your account and improve your security awareness.

Bug Bounty Program

At SMART VALOR, the security of our services is of the highest priority and our technical experts have made an exceptional effort to identify all the bugs and vulnerabilities in our systems. To optimize the process, we invite inputs and reports from our community. Write your report to support@smartvalor.com.

 

How can I report vulnerabilities I’ve found on your website?

 

We have a Bug Bounty program that enables security experts and bug testers to report their findings and potentially earn a reward for their efforts. We encourage all kinds of reports to be sent to us, but please keep in mind that rewards are not guaranteed. All reporters that wish to receive a reward need to adhere to a strict set of requirements and conditions. Testing needs to be performed with a responsible assessment and disclosure model.

 

Where can I find the terms and conditions for the Bug Bounty program?

 

The terms and conditions of the program can be found here:  Smart Valor Bug Bounty Program

Please make sure to read and understand the full article and all points contained within it before sending us a report. 

 

How will I receive a reward if I am granted one?

 

Rewards are provided in VALOR to a fully verified account on the SMART VALOR platform. All Researchers need to have a fully verified account on the SMART VALOR platform in order to receive a reward if granted one. This is why we highly recommend creating an account and verifying your identity on the platform before attempting any security research on our platform or making any reports for the program.

 

Disclaimer: SMART VALOR reserves the right to determine which reports receive or don’t receive a reward as well as the amount of the reward received. Additionally, we reserve the right to disqualify reports or reporters that do not follow the terms of the program or the general terms of the platform.