pointer

      CONTACT SALES
      • PLATFORM
      • USE CASES
      • ABOUT
      • RESOURCES

      People and infrastructure you can trust

      We deploy best-in-class practices and tools to maintain security on all levels.

      People and infrastructure you can trust
      COMPANY

      Security with BitGo RWA

      Authentication and authorization

      BitGo RWA maintains strict role-based access control across all our internal and external systems. Access to all critical services requires SSO or multi-factor authentication where available.

      External audits

      An annual independent audit of policies and procedures is conducted at BitGo RWA. This includes reviewing the Information Security Policy, Third-Party Risk Management Policy, Business Continuity Policy, Incident Response Policy, and data privacy practices.

      Vulnerability & Risk Management

      BitGo RWA continuously performs internal vulnerability scans to identify and remediate potential system vulnerabilities. Regular risk assessments are conducted to ensure a comprehensive understanding of security, availability, and privacy risks in products and services.

      Vendor Management Risk management

      BitGo RWA implements third-party management policies and procedures to protect assets and data accessible by vendors, ensuring information security and service delivery standards are met.

      Background checks

      BitGo RWA conducts background checks on all applicants selected for full-time employment.

      Training

      All BitGo RWA employees are required to complete annual security training.

      Policy Checklist Data and Privacy Incident Response Business Policy Data Security
      INFRASTRUCTURE

      Infrastructure security

      Privacy

      BitGo RWA is committed to compliance with all applicable financial and data privacy laws.

      External audits

      BitGo RWA conducts an annual external independent audit — penetration testing, vulnerability scans, and information security.

      Audit logs

      BitGo RWA collects audit trails, covering every write operation in BitGo RWA’s ecosystem.

      Data encryption

      BitGo RWA encrypts all data, with the strongest encryption available with at least the standards of (AES-256-GCM) and (TLS 1.2).

      Hosting and Segmentation

      BitGo RWA’s uses a Tier 1 Cloud Provider to host fully segregated sandbox and production environments.

      Network

      BitGo RWA uses ACLs and Web Application Firewalls amongst other network security tools to audit and detect abnormal behavior.

      End-to-End Encryption Running security check ... Scheduled 1 min ago 17 mins ago 53 mins ago Success Success Success Success Success Scheduled Scheduled Completed Completed Completed Completed Completed
      PRODUCT

      Product security

      API token scopes

      Customer tokens restrict API resources to only what is enabled for a specific customer, and limit token exposure to individual customers. API tokens are set to automatically expire in one year. BitGo RWA lets you customize expiration dates to enforce stricter security policies in your organization.

      Client Login

      They include built-in Two Factor Authentication (OTP) and customizable expiry that your systems can rely on. BitGo RWA helps you track and log your account and organizational access.

      Roles and permissions

      The BitGo RWA dashboard includes built-in roles and permissions for your team members. This ensures that access to information on a need-to-know basis only.

      Roles & Permissions Read Write Cards Statements Accounts Transactions Authorizations Payments Customers Webhooks Customer Tags Cards Sensitive
      AVAILABILITY

      Availability

      Redundancy

      BitGo RWA ensures high availability, improving recovery times and providing access to second availability zones.

      Backups

      We backup all production data and all backups are geo-replicate backups within the same judicial data boundary.

      Monitoring

      We continuously monitor the platform and post real-time updates to our public status page.

      Business continuity

      We have a comprehensive business continuity plan that we activate put into action when facing disruptions. To ensure its effectiveness, we conduct annual tests. This rigorous testing process enables us to fine-tune the plan, allowing us to handle any unforeseen circumstances with confidence.

      System Operations Past Incidents Dashboard Updated 3 hours ago Updated 1 hour ago Updated 2 minutes ago API 0 Sandbox No incidents Recorded
      REPORTS

      Reporting a potential security concern

      BitGo RWA encourages everyone to follow responsible disclosure procedures when reporting security issues that surround our products, services, websites, or infrastructure. We are committed to engaging with anyone reporting security vulnerabilities in a positive, professional, mutually beneficial manner that protects our customers.

      To report a security bug, please contact us at:
      security@brassicafin.com
      Background image for footer
      JOIN THE #BitGoRWA FAMILY

      Bring financial features to life and start building — today

      CHAT WITH AN EXPERT
      Background image for footer

      Disclaimer: Distributions and tax reporting capabilities are under development are not currently available. Digital asset services are not currently available and remain subject to regulatory approval.

      Information provided on this website is for informational purposes only and should not be relied upon as advice, whether legal, regulatory, indicating suitability, or otherwise.

      “BitGo RWA” refers to entities that are offered through the wholly-owned subsidiaries of BitGo Holdings, Inc., a Delaware Corporation.
      Brassica Services LLC is an SEC-registered transfer agent established in Texas.
      BitGo Trust Company, Inc. is a South Dakota-chartered trust company.
      The information on this website is for informational purposes only. BitGo RWA seeks to make this site as accurate as possible and any information or opinions contained herein have been produced or reproduced by BitGo RWA based on information obtained from sources believed to be reliable, but which has not in all cases been independently verified. BitGo RWA, and its members, managers, officers, affiliates, employees, and the like, make no guarantees, representations, or warranties as to the accuracy and completeness of the information contained herein. BitGo RWA is not providing any investment, tax, or legal advice, and any person seeking such advice should confer with their own independent advisors, tax professionals, and legal counsel.

      Unless specifically stated otherwise, nothing on this website constitutes an offer to purchase or sell any security or investment product, nor does it constitute professional advice. For the avoidance of doubt, any product and service mentioned in this website are not offered to any person or entity in any jurisdiction or country where the advertisement, offer, solicitation, provision, or sale of such product and service is restricted or prohibited by law or regulation, or where BitGo RWA or any of its affiliates would be subject to any regulation or licensing requirement.

      References on the website to any names, marks, products or services of third parties or hypertext links to third party sites or information do not constitute or imply an endorsement, sponsorship, or recommendation of the third party, information, product or service by BitGo RWA. BitGo RWA does not endorse or make any warranties or representations about any site you may access through the website. Any links to other sites are provided for convenience only. If you access any third-party website through the website or otherwise, you do so at your own risk.

      © 2024 BitGo RWA Technologies Inc.