Security

Security at TapCash

Your security is our top priority. We employ industry-leading practices and technologies to protect your account, your data, and your funds. Here's how we keep you safe.

Our Security Principles

Defense in Depth

Multiple layers of security controls protect your account and funds at every level of our infrastructure.

Zero Trust Architecture

We verify every request as though it originates from an untrusted network, regardless of location.

Continuous Monitoring

24/7 automated monitoring detects and responds to suspicious activity in real-time.

Least Privilege Access

Team members only have access to the systems and data necessary for their role.

Security Features

Account Security

Multi-Factor Authentication (MFA)

Protect your account with an additional layer of security beyond your password.

Passkeys (WebAuthn)

Use biometrics or hardware security keys for passwordless, phishing-resistant login.

Session Management

View and revoke active sessions from any device at any time.

Login Notifications

Receive alerts for new device logins and suspicious activity.

Account Recovery

Secure recovery process with identity verification to regain access.

Data Protection

End-to-End Encryption

Sensitive data is encrypted in transit using TLS 1.3 and at rest using AES-256.

Key Management

Encryption keys are managed using hardware security modules (HSMs).

Data Minimization

We only collect and retain data necessary to provide our services.

Secure Deletion

When data is no longer needed, it is securely deleted following industry standards.

Infrastructure Security

Cloud Security

Hosted on enterprise-grade cloud infrastructure with SOC 2 compliance.

Network Security

Firewalls, intrusion detection, and DDoS protection safeguard our network.

Regular Penetration Testing

Third-party security firms conduct regular penetration tests and vulnerability assessments.

Secure Development

Security is integrated into our software development lifecycle from design to deployment.

Transaction Security

Real-Time Fraud Detection

Machine learning models analyze transactions for suspicious patterns.

Transaction Limits

Configurable limits help prevent unauthorized large transfers.

Withdrawal Delays

Optional cooling-off periods for large withdrawals to new destinations.

Address Whitelisting

Restrict external transfers to pre-approved addresses only.

Certifications & Compliance

SOC 2 Type II

In Progress

Independent audit of security, availability, and confidentiality controls.

PCI DSS

Compliant

Payment Card Industry Data Security Standard for handling card data.

FinCEN MSB

Registered

Registered Money Services Business with anti-money laundering program.

Security Bug Bounty

We believe in working with the security research community. If you discover a security vulnerability, we want to hear from you. Responsible disclosure is rewarded.

Report vulnerabilities to:

security@tap.cash

Keeping Your Account Secure

Best Practices

  • Enable multi-factor authentication on your account
  • Use a unique, strong password for TapCash
  • Never share your login credentials with anyone
  • Regularly review your account activity and sessions

Avoid Scams

  • TapCash will never ask for your password via email or phone
  • Verify you're on tap.cash before entering credentials
  • Be wary of unsolicited messages about your account
  • Report suspicious activity to security@tap.cash

Security Contacts

Security Team

For vulnerabilities and security research

security@tap.cash

Account Security

For account compromise or unauthorized access

support@tap.cash