Security

2FA, whitelists, key encryption — your funds are locked down

The Problem

Why Businesses Need This

Crypto is irreversible — one security breach means permanent loss. Most payment platforms offer basic password protection that's easily compromised through phishing, SIM swaps, or credential stuffing attacks.

The Solution

How NordPay Solves It

NordPay implements defense in depth: every sensitive action requires 2FA, withdrawals can only go to whitelisted addresses, private keys are encrypted with AES-256-GCM, and the system automatically requires additional verification for large transactions.

Features

01TOTP 2FA per-actionTwo-factor authentication via Google Authenticator for login, password changes, withdrawals, and team management. Not just login — every sensitive action.

02Withdrawal address whitelistOnly pre-approved addresses can receive withdrawals. Adding a new address requires 2FA confirmation and a cooling period.

03AES-256-GCM key encryptionPrivate keys are encrypted at rest using AES-256-GCM — the same standard used by banks and government agencies.

04Dynamic 2FA thresholdsTransactions exceeding 5% of your monthly turnover automatically trigger additional 2FA verification.

05Complete audit logEvery action logged with IP address, geolocation, device fingerprint, and timestamp. Detect suspicious activity instantly.

Key Benefits

✓2FA on every sensitive action
✓Withdrawal address whitelisting
✓Military-grade encryption
✓Dynamic fraud detection
✓Session management
✓Complete audit trail

Best For

→All businesses handling crypto funds
→Enterprise organizations
→Regulated financial services
→High-value transaction processors
→Security-conscious merchants

Frequently Asked Questions

QIs 2FA mandatory?

2FA is strongly recommended and required for withdrawals and team management. We support Google Authenticator and compatible TOTP apps.

QWhat happens if I lose my 2FA device?

Contact support with your identity verification. We have a secure recovery process that includes additional identity checks.

QHow are private keys stored?

Private keys are encrypted using AES-256-GCM and stored in secure, isolated infrastructure. Keys are never exposed to the internet or accessible to NordPay employees.

Other NordPay Products

Crypto InvoicesBill your clients in crypto — settle in crypto or fiatLearn more →Payment APIIntegrate crypto payments into any platform in hours, not weeksLearn more →Hosted CheckoutAccept crypto in 15 minutes — zero frontend developmentLearn more →Fiat SettlementAccept crypto — receive dollars on your bank accountLearn more →Mass PayoutsPay hundreds of recipients in one batch — crypto or fiatLearn more →Crypto WalletsYour business address on the blockchain — accept payments 24/7Learn more →Auto-ConversionReceived ETH this morning — it's USDT by evening. Automatically.Learn more →Built-in ExchangeConvert between crypto and fiat right in your dashboardLearn more →Multi-WorkspaceOne account — multiple businesses. Each with its own settings.Learn more →Team & RolesGive your accountant access to balances, your developer — to API. Nothing more.Learn more →AML & Risk ScoringEvery incoming payment is checked automatically. Sanctions, mixers, ransomware — we see it all.Learn more →KYC Verification3 verification tiers. More trust — more capabilities.Learn more →Dashboard & AnalyticsAll your payments, balances, and analytics — on one screenLearn more →

Ready to Discuss Integration?

Our team will help you find the best solution for your business. Free consultation.

Get in Touch API Docs