How We Ensure Top-Level Security of User Accounts │ Bondster

Zpět

How We Ensure Top-Level Security of User Accounts

How We Ensure Top-Level Security of User Accounts

January 26, 2026 For investors | News | Tips and advice

The security of investor accounts has long been our highest priority. Like the entire fintech sector, we continuously respond to the evolving landscape of cyber threats and regularly strengthen the protection of user accounts to meet current market standards and investor expectations. One of the most important security measures is two-factor authentication (2FA), which forms the cornerstone of our security framework and significantly increases protection against unauthorized access. Two-factor authentication is widely regarded as one of the most effective security tools in online financial services.

What Two-Factor Authentication Is and Why It Matters

Two-factor authentication adds an extra layer of security to the standard login process based on a password. In addition to entering login credentials, users must confirm access using a one-time code generated by an authentication app (such as Google Authenticator). In practice, this means that even if someone were to obtain an investor’s password, they would not be able to access the account without physical access to the investor’s mobile device. According to expert estimates, properly configured two-factor authentication can reduce the risk of unauthorized account access by more than 99%.

Security Evolution Reflects the Evolution of Threats

The security of the Bondster platform has always complied with the standards applicable at the time of its implementation. However, cyber risks evolve over time—just as the methods used to counter them do. As part of our ongoing technological development and our responsible approach to protecting investors and their funds, we implemented two-factor authentication in recent years. This measure represents one of the most effective ways to safeguard investment accounts against unauthorized access, and we therefore strongly recommend that our clients activate it.

Client Verification and AML Processes

Robust AML (Anti-Money Laundering) procedures are also an integral part of Bondster’s security framework. We verify each client in accordance with applicable legislation, including identity checks and verification of bank account ownership. For account verification, we use, among other methods, a digitally signed document issued by the bank, which serves as confirmation that the given bank account genuinely belongs to the specific investor. This process significantly reduces the risk of account misuse and unauthorized transactions.

Segregation of Client Funds and Operating Funds

We further ensure the security of financial assets through strict segregation of investor funds from the company’s operating funds. Client funds are held in separate bank accounts, distinct from accounts used for Bondster’s operational purposes. This principle is a standard practice in financial services and ensures maximum transparency and protection of invested funds.

Investor Responsibility and Cooperation

At the same time, it is important to emphasize that account security is always the result of a combination of technical measures and responsible user behavior. Our valid General Terms and Conditions clearly define the obligation to protect login credentials and not share them with third parties. Within our systems, we store only a cryptographically secured (hashed) representation of the user’s password; therefore, login names and passwords cannot be directly compromised from our systems, as we do not possess them in plain form. During each login, credentials are cryptographically processed and only these password hashes are compared. Each user is thus the sole custodian of their login details and is responsible for ensuring that access credentials to the online platform are not made available to other persons.

Recommendations for Clients Without Active Two-Factor Authentication

If a client decides, for any reason, not to activate two-factor authentication and chooses to log in using only a password, we strongly recommend setting a strong password with a minimum length of 12 characters, combining letters, numbers, and special characters. It is also advisable to change the password regularly and not reuse it for other services. Even these basic security measures can significantly reduce the risk of unauthorized access to an account.

How to Activate Two-Factor Authentication

  1. Go to the “My Profile” tab and select Two-Factor Authentication.
  2. Click Enable.
  3. Install the Google Authenticator app, available for Android and iOS.
  4. Scan the QR code in the app and enter the generated 6-digit code on the Bondster platform.
  5. Activation confirmation: after successful setup, you will receive a confirmation email.

For any questions, we are available at +420 283 061 555 (Monday to Friday, 9:00 a.m. – 5:00 p.m.).

Share the article

Most read articles

All articles

Do you like our articles?

Subscribe to the newsletter and do not miss a thing from the world of investment. By subscribing, you consent to the processing of personal data.