Access, transfer and store your cryptoassets safely from the convenience of your mobile phone.
Our Technology
TrustVault is powered by the world’s most secure hardware and software designed to safeguard private keys and protect digital assets from loss, destruction, theft and fraud, whilst providing the flexibility to transfer instantly, at any time.
How it works
A step-change in private key safeguarding
Stage 1
Instruction Keys
Your Instruction Key is used to sign outgoing transactions, once authorised with your password and facial-scan or fingerprint. The transaction is then submitted to TrustVault via our secure API. This key is kept within your phone’s secure processor, known as the Secure Enclave on iOS, and forever linked to your biometric and government ID.
Secure Enclave
Today, most high-end mobile devices contain a dedicated processor designed to store our most sensitive personal data, such as passwords and biometrics. This processor works similarly to a hardware wallet and, when connected with TrustVault, enables Instruction Keys to be securely stored on a phone.
Stage 2
Policy Files
Your wallet account Policy File is managed within our HSM cluster and used to validate the legitimacy of each transaction. For individuals, a Policy File confirms that the correct Instruction Key signed the transaction before approving a transfer. For businesses, it powers a unique set of advanced security controls, like multi-signatory rules.
Hardware security modules (HSMs)
HSMs are physical computing devices designed to safeguard and manage private keys for crypto-processing. TrustVault uses a global network of these HSMs to provide the industry’s highest level of security.
Stage 3
Transaction Keys
Your Transaction Key is the actual key used to secure assets on the blockchain. It is managed in our secure HSM cluster at all times — it can never be seen by human eyes. Once your Policy File has been used to confirm the legitimacy of your transfer, your Transaction Key is used to re-sign the transaction, providing the final signature needed to complete a transfer on the blockchain.
Hardware security modules (HSMs)
HSMs are physical computing devices designed to safeguard and manage private keys for crypto-processing. TrustVault uses a global network of these HSMs to provide the industry’s highest level of security.
Stage 4
Instant Completion
It takes approximately ⅓ of a second to re-sign a transaction in our HSM cluster, providing almost zero delay between the moment you request a transaction and the point at which it’s submitted to the blockchain.
Account Recovery
Secure account recovery
Unlike a hardware wallet, your TrustVault account can always be recovered, even when the mobile device that holds your Instruction Key is lost or stolen. This is because your assets' private keys are always kept hardware-secure in our data centre hosted HSM cluster and never in your device.
Stage 1
Download TrustVault on your new device
Your first step is to find a new home for your Instruction Key. This means setting-up a compatible mobile device and re-installing the TrustVault app. Upon opening the app, you’ll see the option to begin our Account Recovery Process.
Stage 2
Verify your identity
Once your Account Recovery request has been submitted, a member of our team will contact you to arrange a video call, during which your password, biometrics and government ID documents must be presented and confirmed.
Stage 3
Unlock your account
Once your identity has been confirmed, your Account Recovery request is reviewed and signed-off by multiple members of the Trustology team, after which you receive a notification that your account is ready to use again.
-
Government ID
-
Liveness check
-
Multi-sig approval
Stage 1
Download TrustVault on your new device
Your first step is to find a new home for your Instruction Key. This means setting-up a compatible mobile device and re-installing the TrustVault app. Upon opening the app, you’ll see the option to begin our Account Recovery Process.
Stage 2
Verify your identity
Once your Account Recovery request has been submitted, a member of our team will contact you to arrange a video call, during which your password, biometrics and government ID documents must be presented and confirmed.
Stage 3
Unlock your account
Once your identity has been confirmed, your Account Recovery request is reviewed and signed-off by multiple members of the Trustology team, after which you receive a notification that your account is ready to use again.
-
Government ID
-
Liveness check
-
Multi-sig approval
Insurance
Cryptoasset insurance
For additional financial protection, we offer insurance policies that cover cryptoassets held in TrustVault by both individuals and businesses.
All our insurance plans are arranged by AON.
Risk Prevention
Systemic risk prevention
Cyber and physical theft
All private keys and controls are managed within tamper proof programmable HSMs, and then stored in secure data centres with highly-available multiple encrypted backups in the cloud.
Fraudulent transfers
All transfer instructions must pass through our three-step signing process, beginning with submission via a registered TrustVault app, installed on a mobile device containing a secure processor and biometric locking hardware.
Operator risk
Unlike omnibus account wallets, TrustVault enables each user to own one or more unique, key-safeguarded blockchain wallet addresses, the contents of which can be independently audited by the owner at any time.
Security
Industry-leading security
Automation
TrustVault’s transaction control, verification and signing procedures are managed entirely by our custom firmware operating within HSMs, which are immune to tampering and eliminate the security risks and transaction delays associated with human operators.
Data storage
The T4 infrastructure powering our HSM cluster is provided and managed by an industry-leading financial data provider and continuously monitored by multiple financial security providers.
Internal processes
Whilst very few of TrustVault’s operations are handled by humans, critical operations such as account activation and recovery require signoff from multiple members of our management team, each having passed several background and security checks.
Compliance
KYC & AML
We implement robust procedures around AML compliance utilising the support of both Onfido and Chainalysis. Our Know Your Transaction (KYT) and Know Your Customer (KYC) processes in place ensures we’ve conducted an exhaustive list of checks, in addition to ongoing suspicious activity reporting.
ISO 27001
We conduct regular self-audits in accordance with the international standard for Information Security Management Systems (ISMS), which governs Trustology’s policies, procedures and customer data management controls.
Product Updates
Related content
Newsroom
Jan 18, 2020Digital currency – the future of retail payments
Experts from the payments and crypto sectors look back on 2019 and look ahead to 2020 to discuss with Electronic Payment...
Featured
Jan 15, 20201st Digital Assets Custody Survey 2020
In 2019 Digital Assets Custody conducted a survey around digital assets custody in response to the introduction of the t...
Featured
Dec 11, 2019Crypto custody and DeFi, Plexus interviews Alex Batlin for his views
Plexus’s Colin Platt caught up with Alex Batlin on the topic of crypto custody and Defi. Read the interview and fi...
