All around the internet, your data can be at risk. From the state-financed attacks to small-scale intrusions, the threats are now more diverse and numerous than ever. Considering the financial nature of the services we offer, we take security very seriously.
We work very hard on protecting our services, enforcing best practices with the help of security experts. They help us to make sure that only the rightful owner of a given account can buy, sell and move funds.
Despite all the safeguards we put in place, you are ultimately the main actor of your assets safety. You must take steps to protect your email account, as well as the credentials you use on Savitar.
You can enhance your account security even further using "2 Factor Authentication" (also known as 2 FA). This article will help you set it up and understand how it works.
What is 2FA?
As the name would suggest, 2FA uses a second factor to confirm the identity of a given person. Once 2 FA is activated, the login and password are no longer sufficient by themselves to log in.
Indeed, after typing its credentials, the user will also have to input a unique code sent to its mobile device. The code is refreshed every 30 seconds to make sure only a recent one can work. Hence, an account using 2FA is much harder to hack into.
How to use it?
There are different ways to set up 2FA, yet some are much more secure than others. Overall, we recommend avoiding as much as possible 2FA tied directly to your phone number. Phone numbers are not reliable enough. "SIM Jacking" attacks can let a hacker access your phone number (and the text you receive) without having physical access to your phone or SIM card.
So, which 2FA workflow to use? The easiest is probably using the Google Authenticator app. It's a mobile app made to handle 2FA for you, tied to your Google Account.
The setup is the same on iPhone and Android:
Step 1 - Install the Google Authenticator app.
Step 2 - BACK UP THE RECOVERY CODES.
In case you lose access to your Google account (and therefore lose access to all apps tied with 2FA enabled), you can print recovery codes at any time, up to 10. Each code can be used to log into your account only once. The whole operation is documented here for all supports.
Step 3 - Sync with your Savitar account.
Once you have the Google Authenticator app installed and set up, the last thing you need is to link it with Savitar. To do so, please visit the Account Security page. You'll have to scan a QR-code using your Authenticator app and then input the 6-numbers code generated by the app.Here is a GIF showing you the whole activation process on your computer:
Note: Step 1 & 2 are only necessary the first time you set up Google Authenticator. After that, just step 3 is required to sync with a new account.
2FA is incredibly useful to ensure your account security and integrity. However, since we work hand in hand with financial authorities to ensure the continued compliance of our service, we need other verification tools.
Indeed, complying with AML practices require us to be able to verify our users' identity. The features of our service (withdrawal, transactions…) are limited until you satisfy the following verification process:
- Verified Email - Done by clicking the link you received on your mailbox right after your registration.
- Verified Phone - It can be done on the security page of your account. You'll have to provide a phone number and be able to receive text messages.
- Verified Documents - The last level of verification, enabling all features of our service. You'll need a valid ID or passport to proceed. Please make sure you have a scan of both the front and the back of your ID document.
Please make sure to follow security best practices to protect your assets. Feel free to reach out to our support team if you have any concerns.
Once your account is secured, feel free to document yourself about order types and volume to make the most of Savitar.
That's it for today. Trade safe!