Bitvavo stores the vast majority of digital assets in cold wallets. These funds are stored offline in secure locations and require manual action to be moved, which are regulated by strict access protocols.
Bitvavo's cold storage is kept in bank-grade vaults with 24/7 monitoring. All the vaults meet the strict requirements of safety category 4+. This is the highest security category in the Netherlands.
Bitvavo's cold storage devices are distributed among a multitude of different geographic locations, to protect against potential destructive physical risks such as fires or environmental disasters.
Bitvavo takes various steps to ensure secure and reliable API access for its users. Set up a secure API environment by explicitly giving read, trade, and withdraw access. Use IP and withdrawal address whitelists to protect yourself against malicious requests or withdrawals.
To ensure reliable access, Bitvavo hosts vital services in multiple availability zones with automatic failovers. In case of an outage, these failovers automatically redirect traffic to available services.
Bitvavo uses data centers compliant with the following certifications: ISO 9001, ISO 27001, ISO 27017, PCI DSS Level 1, SOC 1 - 3. These standards help Bitvavo to achieve high levels of security and compliance in its cloud infrastructure.
Bitvavo uses extensive logging for employee access and employs advanced monitoring tools to detect abnormalities and uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats.