As a trading platform, we fully understand the trader's doubt and fear about giving access to your exchange accounts via API key. The DarkBot platform was built by traders for traders, and we put security questions in the first place.

You must be sure that your funds and orders are secured, and no one will get unauthorized access to your DarkBot account. While we cannot disclose all of our security standards and techniques, we would like to highlight the essential part of it:

Account Access

• All login attempts are secured - if we ever notice your account trying to connect from an unknown device or location, you will receive a confirmation email to authorize access.

• Protection from failed login attempts - failed login attempts will result in both an account and API temporary lockout to prevent password match attacks.

• Complex password support - you can use a long and mixed password with a combination of letters, numbers, and symbols.

• Two-factor verification - one-time use token to allow authorization to your account. We encourage all users to install 2FA application on the mobile device as an extra security layout

API Keys

• Limited access to your API key - you are the one who decides all the settings for your API key. To utilize the Bitsgap platform at full power, we require only access to your trade history, balance view, and trading.

• No withdrawal allowed in the permissions - as an extra security measure, whenever you add your API key, we always check if you have restricted the option to withdraw funds. If this option is enabled then the API key will not be accepted.

• API keys always hidden in an encrypted format - your password and API keys are always encrypted, and no one except you and your exchange have access to them.