Anti-Fraud Measures Standard
Our multi-layer approach to fraud detection and prevention, covering authentication, transactions, and technical protections.
Anti-Fraud Measures
| Field |
Value |
| Document ID |
STD-001 |
| Classification |
Internal |
| Owner |
CTO (interim CISO) |
| Effective Date |
April 2026 |
| Review Cycle |
Annual |
Our approach to preventing fraud covers three main layers: authentication controls, transaction security, and technical protections at the gateway.
Authentication Security
| Control |
What It Does |
| OTP Rate Limiting |
Prevents abuse and automated attacks by limiting the number of OTPs that can be requested. |
| 2FA for Critical Operations |
Requires multi-factor authentication for sensitive actions and transactions. |
| Transaction Authentication |
Requires additional OTP or PIN verification for specific transactions like starting a SIP or creating a mandate. |
| Device Binding |
Uses trusted device registration and biometric authentication on mobile for subsequent access. |
Transaction Controls
| Control |
What It Does |
| KYC Gating |
Allows transactions only after a user has completed KYC verification. |
| Real-time Position Monitoring |
Continuously monitors trading positions and activities for anomalies. |
| Automated Trading Limits |
Enforces pre-defined trading limits and sends immediate alerts if they are breached. |
| Kill Switches |
Provides the ability to immediately halt trading for a user or the entire platform in case of suspicious activity. |
Gateway & Defacement Protection
| Control |
Implementation |
| DDoS Protection |
We use Cloudflare’s enterprise-grade DDoS protection and traffic filtering. |
| Bot Detection |
We have automated detection and blocking for malicious bots and scrapers. |
| Rate Limiting |
The API gateway enforces rate limiting based on user type and the specific endpoint being called. |
| Geo-blocking |
We use geographic access restrictions for sensitive operations. |
| IP Whitelisting |
Access to certain internal services is restricted to approved IP addresses. |
Monitoring and Response
We have real-time alerts for suspicious activities, a comprehensive investigation process, and a defined escalation path to the security operations team and CTO.
Response Procedures
| Severity |
Response SLA |
Actions |
| Critical |
15 minutes |
Immediately freeze the account, notify the user, and escalate to the CTO. |
| High |
1 hour |
Investigate, apply temporary restrictions, and notify the security team. |
| Medium |
4 hours |
Review logs, assess the risk, and implement targeted controls. |
Kill Switch Procedures
In the case of a confirmed fraud or system compromise, we have the following kill switches available:
| Kill Switch |
Scope |
Activation |
| User Account Freeze |
A single user |
Security team via the admin panel. |
| Trading Halt |
All users |
CTO or Security Lead via an emergency procedure. |
| API Shutdown |
Specific endpoints |
SRE via a configuration change. |
| Full Platform Lockdown |
All services |
Requires CTO authorization. |