Security
A concise summary of how TICPOZ protects your account, your broker tokens, and your strategies. The full posture lives on the Security page.
Last updated · 2026-05-13
This page summarises the security controls most relevant to people using the product. For the full posture — sub-processors, residency commitments, audit log scope, incident response — see /security.
Account credentials
Password hashing
A modern, memory-hard password-hashing function with a per-user random salt and a server-side secret held outside the data store. Raw passwords are never logged and are discarded immediately after hash comparison.
Two-factor authentication
Optional TOTP-based 2FA. We strongly recommend enabling it on any account that has a broker connected.
Session tokens
Signed, time-limited tokens. Browser sessions expire on a regular cycle; worker-to-API tokens expire in minutes.
Broker tokens
Encryption at rest
A strong, modern symmetric cipher with a unique initialisation vector per record. Encrypted records carry a version prefix so we can rotate algorithms without losing legacy access.
In-memory handling
The decryption key never leaves the worker process. Tokens are decrypted on demand inside a single function frame and discarded immediately after use.
Revocation
Disconnecting a broker calls the upstream revoke endpoint, rotates any worker-side credential to an unusable value, and overwrites the local record with a tombstone. See
Broker setup.
Network and isolation
Dedicated IPv4
Every user gets a dedicated, routable IPv4 address bound exclusively to their worker. All outbound traffic — broker API, webhooks, MT5 bridge — uses that single, stable address.
Compute
Production runs on tier-1 cloud infrastructure with redundant EU and US regions. Disks are encrypted at the host level. Backups are encrypted with separately managed keys.
Edge
Public endpoints are fronted by a global edge network with DDoS protection. TLS 1.3 only; HTTP is redirected and HSTS is enforced.
Admin plane
The admin surface is gated by an IP allowlist and a second factor. Customer surfaces do not share infrastructure with the admin surface.
Storage
Application data
Stored on a private volume with locked permissions. No public network exposure. Encrypted at the host level. Backups are taken on a regular schedule and retained for thirty days.
Audit log
Every authenticated action — login, broker connect, droplet state change, force-trade, settings change — is recorded with timestamp, actor, and IP. You can read your own audit log from Settings.
Responsible disclosure
If you believe you have found a vulnerability, report it to [email protected]. Include enough detail to reproduce. We acknowledge within one business day, will not pursue you legally for good-faith research within scope, and will credit you publicly once the fix ships if you would like.
Out of scope: third-party services (your broker, your email provider, your password manager), denial-of-service testing, and physical attacks. The full scope is on the Security page.
What we cannot protect against
We cannot prevent loss caused by markets, broker failures, or strategy logic. TICPOZ is software, not advice; we are not your broker and not your adviser. Use realistic risk caps and never deploy a strategy you cannot defend clause-by-clause.
Further reading
For the full posture — including the sub-processor list, residency choices, and incident response timelines — see
/security. For privacy specifics, see the
privacy policy.