Security on Nexo: a quick refresher.

14 May 2026, 15:10
Security on Nexo: a quick refresher A reminder of how security works on Nexo, both what runs in the background and what's available for you to enable. Running in the background: πŸ›‘ Anti-scam engine. Runs on every withdrawal, analysing transactions in real time and flagging anything suspicious before funds leave the platform. Always on. πŸ” Encryption. AES 256-bit SSL across the platform. πŸ“œ Audited infrastructure. SOC 2 Type 2, SOC 3, ISO 27001/17/18, CSA STAR Level 1, all renewed annually. At your disposal: πŸ”‘ 2FA via authenticator app. A second factor on login, also required at sensitive actions (withdrawals, Address Book edits, settings changes). Authenticator apps are stronger than SMS-based 2FA, which is vulnerable to SIM swaps. βœ‰οΈ Anti-phishing code. A personal code in the footer of every legitimate Nexo email. No code, not from us. Set it under Profile, Security & Settings, Anti-phishing code. πŸ” Channel validator. Verify any email, handle, or URL at nexo.com/channel-validator. πŸ“’ Address whitelisting. Locks withdrawals to pre-saved addresses (up to 500), with a configurable delay before new ones can be used. Good to know: Nexo will never ask for your password or 2FA code, request transaction authorisation via chat/email/text, or send a login link via SMS. If anyone does, it isn't us. Suspicious message? Report them to Fuller overview: Common security threats and how to mitigate them.