AICoin third-Party trading security analysis

AICoin third-Party trading security analysis_aicoin_图1

Trading on Binance, ZB and Gate. io via AICoin app is now available. More trading platforms will be available in the near future. We attach great importance to product technologies, pay special attention to security issues and invest heavily on trading functionality. We try our best to bring our users more secure and convenient user experience.  

We do not ask our users for account information of trading platforms. Neither do we try to obtain account passwords of our users. You have no need to worry about your account information of trading platforms being leaked. Please find below the trading security analysis for AICoin app. 

Security analysis for iOS:

1、The trading interfaces of major trading platforms available on AICoin app are developed on the basis of the authority files of each platform and all have undergone security evaluation by our team. Packet capture is welcomed. 

2、AICoin has never asked the users for extra information (such as account information of trading platforms) other than authorization information (apiKey and secretKery). The trading platforms will not provide key information such as user password. 

3、Authorization information is generated by trading platforms and therefore the security is trustworthy. The users provide AICoin with their authorization information by scanning QR code or entering manually, with which AICoin gains access to trade via api. This is the only information needed.

4、AICoin will never upload any sensitive information. All authorization information provided by the users are stored only in their mobile devices. Again, packet capture is welcomed.

5、All encryption operations are performed in mobile devices, which is secure and reliable. 

6、AICoin stores secret keys in a secure and reliable way. All authorization information undergoes multiple encryption (encryption technologies provided by Apple are also used) to ensure security. 

7、Memory encryption technologies are used to prevent crackers from reading encrypted memory information easily.  

Security analysis for Android: 

1、When users log in to AICoin app, they use their AICoin accounts but not accounts of trading platforms. Their account information of trading platforms therefore has no risk of leakage.  

2、The authorization information provided by users will only be stored in mobile devices. AICoin will not transmit the information via network. Trading on AICoin app will not lead to secret key leakage.  

3、The secret key is stored only in the user’s mobile phone. Even if the storage method is cracked, secret key information will not be leaked unless the mobile phone is taken away.  

4、The secret key information stored in mobile phones is encrypted with third-party encryption SDK plus local encryption algorithm which will not be cracked easily. 

5、We have optimized our app in terms of preventing reverse engineering. The codes are obscured and probes aiming to hamper reverse analysis are used so the difficulty of reverse cracking has been increased significantly. 

6、Users can delete corresponding secret keys in trading platforms once they detect any security risk. This can prevent further security risk incurred by secret key information leakage. 

We view product experience and product security as our basis of foothold and will always strive for providing ultimate user experience and product security. Please do not hesitate to contact us if you have any questions regarding AICoin. Our goal is to provide a trading tool of absolute security for all digital assets players.