A secure account is a product of a well-tuned relationship between ICONOMI’s security and the user themselves.
Everyone wants their assets to be as safe as possible. We, too, take security seriously. There are many ways you can protect your money and account from anyone trying to steal them.
Step one is having a secure password. Remember, there is money behind the password. So make sure it is as secure as possible - length is more important than complexity, but still, make it one you can remember. It should be unique and only used on ICONOMI and nowhere else. Do not share it with anyone, and if you need to write it down, do so offline - somewhere where only you can access it but in a location where your guests cannot find it. Changing it often, at least once every month, is also a good practice.
Next up is 2-factor authentication, or 2FA. 2FA adds an extra layer of security to your accounts by requiring you to use an additional one-time six-digit code, randomly generated by a service on your mobile device or 2FA application. This ensures that your account requires both a password that only you know and your device to unlock. Double security, making your account much more secure.
Additionally, you will be asked to set up a different 2-factor authentication code for withdrawals. You will need at least one, and you will need to wait 24 hours after setting it up before you can withdraw. These 24 hours give you some time to report a potentially hacked account before any assets can be withdrawn.
Try to log in only from your devices. On the go, you can use our mobile app – try to avoid using public computers.
Any connected account to ICONOMI can be a weak point for a potential breach, especially your email and 2FA application. Just think how many services are tied to your email and how many passwords can be reset and taken over if someone gains access to it. We suggest you have a strong password and 2FA for your email account as well.
Speaking of 2FA, we recommend having it enabled for your ICONOMI account as well as your email account, and while that's true, we also suggest it is secure. Secure it with a password or biometrics recognition, and if you are using it on your phone, have that locked as well.
Firstly, you can always see if anyone logs into your account or if there are any suspicious logins. To see this, navigate to the security page of your account's settings on the web or to just settings on the mobile app. There, you’ll see when and from approximately where someone tried to log in to your account. If you see anything suspicious here, immediately change your password and 2FA, and contact us if you need further help.
Similarly, on the same page, you can see your active sessions. This tab will show you all the devices and IP locations of your signed-in sessions. If you see any that seem suspicious or that should not be there, click the Cancel button, and we will immediately cut off that session and log you out from that device. Again, as with the login logs, change your password and 2FA.
Also, whenever there’s a new login to your account, we’ll send you an email with a few details so you can decide whether the login is suspicious.
Assets at ICONOMI are secured and stored in our proprietary system of hot and cold wallets, with a multi-level / multi-signature structure and specially designed processes and guidelines that we follow. The short way to describe this is that if you want to move assets, you need signatures from multiple people/organizations. When you add time and location complexity, you’re talking about a very safe way to protect assets.
If you want to delve deeper into ICONOMI's custody overview, read our Custody Overview article.
When it comes to withdrawing fiat, you will first need to whitelist your IBAN account before you can withdraw. You do so by sending any amount of money from that IBAN to your ICONOMI account. This way, we can match and confirm that the IBAN is in your name and verified with a bank. Thus, whenever you withdraw funds, they will go to an account with your name on it and not someone else’s. As a result, if you lose access to your account, the perpetrator will be unable to withdraw funds from it.
As we’ve stated quite a few times, don’t be afraid to contact us immediately with any suspicious activity. Your account is important to both us and to yourself.
Our support team is constantly monitoring support tickets, especially those with a potential security breach of an account. If you select the "Account compromised" option when submitting a support request, one of our agents will block your account's withdrawals within minutes and then contact you with further information.