Security

The security of the electronic trading platform is the most critical feature for the operation of the entire system.

Access to the electronic trading platform is linked into the online banking website of the cooperating partner. This allows customers to log on with their regular user name and password (single-sign-on). This prevents confusion for the end-customer and by using a single password, chances for unauthorized access is greatly reduced. In addition, the security of the password is decisively influenced by the current authentication algorithms of the cooperating partner.

Communications between the electronic trading platform and the end-customer is securely protected by the use of SSL encryption. This method ensures that sensitive end-customer information is safe and secure.

Login on to CeFDex’s back-office system is possible only via an encrypted IPSec VPN tunnel. The VPN tunnel is set up between the cooperating partner and CeFDex. 

The electronic trading platform itself is protected by the use of a multistage, redundant multitier back-end firewall system.

CeFDex offers a ticketing application that allows employees of the cooperating partner to direct inquires to us. Access to this application is carried out via a secure SSL connection and is only possible if the employee’s computer has the appropriate client certificate installed on it.

CeFDex contracted an external auditor team to inspect and verify the effectiveness of the electronic trading platform in accordance with the internationally-recognized Open Source Security Testing Methodology Manual (OSSTMM) procedure of the Isecom Organization.