Security Practices
How we protect your account, your funds and your data — and what you can do to keep your FAUSINO account secure.
最近更新: Jun 2026 · v1.0
Our security commitment
FAUSINO runs a defence-in-depth security program built around the OWASP Top 10, NIST CSF and ISO 27001 control families. We treat your account, your funds and your data as critical infrastructure.
Every security incident, no matter how small, is logged, investigated and post-mortemed.
Account security tools
Two-Factor Authentication
TOTP (Google Authenticator, Authy, 1Password) and email-code 2FA. Required for all withdrawals.
Password hashing
Argon2id with conservative parameters. Passwords are never logged, never stored in plain text, never accessible to staff.
Email-based confirmation
Withdrawals, password changes, email changes and large bonus claims are confirmed via signed magic-link emails.
Session control
Revoke any active session from Profile → Security → Sessions. Suspicious devices trigger an automatic logout.
How we secure your funds
Funds are held in a mix of cold and hot wallets. Hot wallet exposure is rate-limited and capped at the rolling 24-hour withdrawal volume forecast.
Cold storage requires multi-signature approval from geographically distributed signers and is air-gapped.
Infrastructure & monitoring
Production infrastructure runs behind a WAF, with TLS 1.3, HSTS, strict CSP and certificate transparency monitoring.
Continuous anomaly detection on auth, payment and bet streams flags abnormal behaviour in seconds and triggers automated mitigations.
What you can do
- Use a unique, long passphrase generated by a password manager.
- Always enable 2FA — prefer TOTP over SMS.
- Never share screenshots of your email confirmation code or your 2FA app.
- Bookmark our official URL. Always verify the certificate before logging in on a new device.
- Report phishing attempts, fake apps and impersonation accounts to security@igaxming.com.