At coincheck we take security seriously to ensure customers can have smooth and reliable bitcoin transaction.
Also, as a member of JBA(Japan Blockchain Association) we follow JBA's guidelines to ensure customers can have use coincheck's services in peace.
For more information about JBA's guidelines, please refer to the following link
Here, we will explain everything about coincehck's security.
Back in days when Mt.Gox managed customers wallet, they didn't manage cold wallets completely offline.
At coincheck, we ensure customers illiquid assets is safe by storing secret key completely offline.
97% of assets is stored in a cold wallet.
Cold wallet is stored in multiple places, so even if some of your wallets been destroyed because of unexpected event your bitcoin is kept safe.
Also, a third person can not streal your wallet because we follow AE-256 standard when encrypting your cold wallets.
AES(Advanced Encryption Standard) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST).
You don't need to worry about vulnerability because coincheck's wallet use RFC6979, a secure way for generating random numbers.
We completely separate company's assets from customers assets. We never use your assets as the company's.
Possible activities that may leak your password.
・Using same passoword in multiple website
・Clicking a spam link
・Downloading software from the internet
By using 2-Step Verification, you can prevent hacking from a third person even your password is stolen.
SSL will avoid third person to see a conection between you and us.
SSL;Secure Socket Layer is a cryptographic protocol.
・Check if key symbol is displayed next to URL.
・URL is ”https://〜”, not ”http://〜”.
Usually, HTTP(HyperText Transfer Protocol) is used when making a connection between server and browser. However, HTTP can not encrypt message or block spoofing. We use SSL to prevent an attack from fraudulent activities.
You can check detail of SSL server certificate by clicking on key displayed in URL column.
SSL is also used in our internal system.
We archive all transaction logs.
We encrypt every customer's data in our database.
Our employees can not view your personal data or use your bitcoins.
We recommend you setting strong password in order to protect your account from a malicious third partys/person. To do that, please check the following.
・Don't use easy to remember password; date of your birth, name and id you use for SNS.
・Please use variations on capitalization, spelling, numbers, and punctuation.
Passwords are hashed. We adopt bcrypt(Blowfish); a hash function is suitable way of authentication.
When you login, we temporary lock your account in order to prevent hacking by a third person if you fail to login for certain times.
We take identity verification seriously to make coincheck a safe place to trade bitcoin. This process is important to avoid fraudulent users.
We ask for SMS Authentication to verify your identity.
We verify your identity by reviewing one or more of the following documents.
A high-resolution copy of either document listed below.（ID mush have your name & issuing country) (For people from non-English speaking country, we only accept passport)
※Please take a selfie of you holding your ID(ID selfie).
・Special Permanent Resident Certificate
・Certificate of Alien Registration
・Basic Resident Register card
・ID published by government offices or special corporation with photo
Either one of the two documents below (For Japanese resident). <br/>Proof of Residency - A high-resolution copy of either document listed below (For people living outside of Japan).
・Utility bill dated within the last three months, showing registered name, residential and mailing address.(Only for people living outside of Japan)
・Bank statement dated within the last three months, showing registered name, residential and mailing address.(Only for people living outside of Japan)
・Certificate of Insurance; Health Insurance, National Health Insurance or Seamen's Insurance (Only for resident in Japan)
・Mutual Benefit Certificate, National Pension Book, Welfare Pension Book (Only for resident in Japan)
・Annuity Bond related National Pension, Welfare Pension or Seamen's Insurance (Only for resident in Japan)
・A Certificate; Mutual Aid Pension or other Pension (Only for resident in Japan)
・Driver's license（Only published since Apl 1 2012）(Only for resident in Japan)
・Student ID, Company ID or an ID published by public organization with photo(Rehabilitation Certificate, Physical Disability Certificate and others) (Only for resident in Japan)
If you represent a corporation please submit the following documents.
All of below
・High-resolution copy of the Certificate of Incorporation issued within 6 months.
・Document detailing the address of the company's registered office (For company outside of Japan). Copy of passbook in corporate name (For company in Japan).
・Photo of company's owner or controlling person holding his/her Photo ID (ex: passport/driver's license).
ID selfie is a modern way of Online Identity Verification. It is used mainly in western countries.
You will be automatically logged out if you do nothing for a certain time. This will protect your account from third person.
In Japan, bitcoin compliance is still at an infant stage. At coincheck, we work together with our legal advisor and carefully operate our business.
As coincheck, we strictly follow current Japanese laws and regulations. We will also continuously monitor regulations in order to predict changes that might happen beforehand.