Security
How Mayson protects you and your assets.
How your exchange credentials are protected
🔐 API Key EncryptionBuilt-in safety guardrails and limits
🛡️ Risk ManagementSecurity Overview
Mayson is built with security as a top priority:
| Security Layer | Protection |
|---|---|
| Data Encryption | AES-256 encryption at rest |
| Transport | TLS 1.3 for all communications |
| Authentication | Enterprise-grade auth via Kinde |
| Access Control | Role-based permissions |
| Monitoring | 24/7 security monitoring |
| Compliance | VARA regulations (UAE) |
Your Responsibilities
While Mayson provides robust security, you also play a role:
✅ DO
- Use a strong, unique password
- Enable 2FA on your Mayson account
- Enable 2FA on your exchanges
- Never share API keys with anyone
- Review trading activity regularly
❌ DON’T
- Use the same password across sites
- Enable withdrawal permissions on API keys
- Share your Mayson account
- Click suspicious links in emails
Reporting Security Issues
If you notice suspicious activity:
- Immediately change your password
- Disconnect exchange API keys
- Contact [email protected]
- Check your exchange accounts directly
Security Certifications
- SOC 2 Type II (in progress)
- ISO 27001 (planned)
- VARA Compliance (UAE)
Learn more about specific security features below.