Built for operators who need clear account controls.
Security is built around encrypted transport, restricted access, published policies, and reviewable logs.
Infrastructure Security
Detailed technical controls and operational review measures.
Encrypted Transport
Public website and app API traffic use HTTPS/TLS.
Secure Storage
Sensitive account and session data is stored using encrypted services and restricted access controls.
Rate Limiting
Public endpoints and authentication flows are throttled to reduce abuse and repeated failures.
Role Separation
User, merchant, and admin workspaces are separated by role and permission checks.
Session Protection
Active sessions can be reviewed and revoked from the security screens.
Recovery Planning
Operational backups and recovery procedures are maintained for core services.
Compliance & Audits
Detailed technical controls and operational review measures.
Public Policy Pages
Privacy, terms, AML, KYC, and risk pages are published and linked from the footer.
KYC / AML Review
Identity, document, and transaction-review flows are available for compliance checks.
Audit Trails
Security and account actions are logged for review and support follow-up.
Support Escalation
Account issues can be escalated through the official support channel.
Risk Disclosure
Product-specific risk language is published where relevant.
Access Readiness
Reviewer access can be prepared through published instructions and the official support channel.
Access Control
Detailed technical controls and operational review measures.
Two-Factor Authentication (2FA)
2FA can be enabled for user and merchant accounts where supported.
Role-Based Access Control (RBAC)
User, merchant, trader, and admin views are separated by role and permission checks.
Device Review
Active sessions can be reviewed from the security screen.
Password Security
Passwords are hashed and reset flows are email-based.
Withdrawal Safeguards
Withdrawal and sensitive account changes are gated by verification and account status checks.
Rate Limiting & Lockouts
Repeated failed attempts are throttled to reduce abuse and credential stuffing.
Protect your account
Best practices recommended by our security team.
Enable All Security Features
- ➤ Activate 2FA (use hardware key if possible)
- ➤ Enable withdrawal whitelist
- ➤ Set up device notifications
- ➤ Use unique, strong password (12+ characters)
- ➤ Never share credentials or 2FA codes
Practice Operational Security
- ➤ Verify email sender addresses carefully
- ➤ Bookmark puridex.pro (never click links in emails)
- ➤ Check URL for HTTPS and correct domain
- ➤ Use password manager to prevent phishing
- ➤ Monitor account activity weekly
Protect Your Devices
- ➤ Keep operating system updated
- ➤ Use reputable antivirus software
- ➤ Never access from public WiFi without VPN
- ➤ Lock devices when unattended
- ➤ Encrypt your hard drive
Current status
Current platform status indicators.
Transport
HTTPS
Storage
Encrypted
Access
Role-based
Policies
Published
Support
Official
Audit
Enabled
Important Security Disclosures
While we employ reasonable security measures, no system is entirely free of risk. Users should enable available protections and review their own device and account security. The remaining risks include:
- • Market volatility or transaction losses
- • User error (sending to the wrong address, lost credentials)
- • Social engineering or phishing attacks targeting you directly
- • Losses from failure to enable security features (2FA, whitelist)
You are responsible for maintaining the confidentiality of your credentials and enabling all available security features.
Our security team is available.
Get the public policy links, review the security notes, or contact support for account-specific help.