Security

Enterprise-Grade Security

Protecting digital assets with institutional-grade infrastructure. Our security architecture is designed to meet the requirements of regulated financial institutions.

Security Architecture

🔐

HSM-Backed Key Management

All private keys are generated and stored in FIPS 140-2 Level 3 certified Hardware Security Modules (HSMs) using AWS CloudHSM, Azure Dedicated HSM, or Thales Luna.

🛡️

Multi-Party Computation (MPC)

Threshold signing with 2-of-3 or 3-of-5 configurations ensures no single party can unilaterally move funds. Key shares are distributed across geographic regions.

⚛️

Post-Quantum Cryptography

Future-proofed against quantum threats with CRYSTALS-Dilithium, Kyber, and SPHINCS+ algorithms. Hybrid classical/quantum signatures available.

🔒

Enterprise Identity & Access

SAML 2.0, OIDC, and OAuth 2.0 integration with your existing IdP. Role-based access control, audit logging, and session management.

🌐

Network Security

All traffic encrypted with TLS 1.3. WAF protection, DDoS mitigation, and IP allowlisting. Private endpoints available for enterprise deployments.

📋

Compliance & Audits

SOC 2 Type II certified. Regular penetration testing by independent security firms. Full audit trail of all transactions and administrative actions.

Certifications & Compliance

SOC 2 Type II

Certified

ISO 27001

In Progress

PCI DSS

Compliant

GDPR

Compliant

Operational Security

Penetration Testing

Annual third-party penetration tests conducted by leading security firms. Continuous vulnerability scanning with automated remediation workflows.

Incident Response

24/7 security operations center (SOC) monitoring. Documented incident response procedures with defined SLAs and communication protocols.

Business Continuity

Multi-region disaster recovery with RPO/RTO targets. Regular DR drills and documented recovery procedures. Encrypted off-site backups.

Vendor Management

Rigorous third-party risk assessment program. All critical vendors undergo security review and contractual security requirements.

Security Research Program

We work with security researchers to identify and address vulnerabilities. If you discover a security issue, please report it responsibly.

security@lux.financial

Questions about our security?

Our security team is available to discuss your specific requirements.

Talk to Sales