Security & Fraud Prevention
Overview
At NOAH, we prioritize the security of your digital assets and personal information. Our approach to fraud prevention and security is comprehensive, employing state-of-the-art technology and best practices to safeguard every customer interaction.
1. Security Architecture
1.1 Multi-Party Computation (MPC)
NOAH leverages a proven Multi-Party Computation (MPC) framework for on-chain transactions. This cryptographic method splits private key data among multiple parties and requires distributed approval for each blockchain transaction. By doing so, we achieve robust security without compromising usability:
- Reduced single-point-of-failure risk
- Resilient architecture that can continue operation even if part of the signature node network is compromised
- Automatic checks ensuring only verified, authorized users can complete on-chain actions
1.2 Quantum Ledger Database (QLDB)
Our transaction data is stored in Amazon Quantum Ledger Database (QLDB), providing:
- Immutability: All changes are cryptographically verifiable.
- Transparency: A comprehensive history of each transaction, ensuring complete audit trails.
- Integrity: QLDB’s append-only operation prevents tampering, adding a high level of trust to the ledger.
1.3 Key Enclave
The Key Enclave is our isolated environment for securely storing and retrieving transaction signing information. This ensures that:
- Private keys and sensitive signing data never leave the enclave.
- All signing operations are controlled and verified, preventing unauthorized access.
- Even if an attacker compromises other infrastructure, enclave operations remain isolated and protected.
1.4 Data Scrubbing
We employ data scrubbing to remove personally identifying information (PII) from transaction logs:
- Each user is assigned a unique UserID for ledger transactions, obscuring direct personal identifiers.
- Our scrubbing process ensures that raw PII cannot be accessed by unauthorized parties during routine analytics or logging.
- This approach supports privacy-by-design principles, helping you comply with data protection regulations.
1.5 User Data Protection
Safeguarding personal information is fundamental to our platform design:
- Strict access controls and encryption at rest and in transit.
- Regular penetration testing and audits to continuously evaluate our defensive layers.
- Ongoing training of NOAH personnel on data handling and compliance requirements.
2. Fraud Prevention
2.1 Threat Monitoring
NOAH’s advanced threat detection systems and real-time behavioral analytics help us proactively identify and mitigate illicit activities. We monitor for:
- Suspicious account behavior and abnormal transaction patterns
- Early signs of money laundering, phishing, or scam-related activity
- Unusual login locations, repeated failed attempts, and other red flags that may indicate account takeover
2.2 AML & Compliance Checks
In both Reliance and Standard KYC models, our AML framework includes:
- Thorough verification of user credentials and identity documents
- Continuous monitoring of customer profiles and transactions for high-risk activity
- Identification of “red flags” that warrant enhanced due diligence, reporting, or account suspension
For more on our compliance policies and KYC requirements, see the Compliance Models documentation.
3. PCI Compliance
If you’re using NOAH’s Hosted Checkout solution, rest assured that we handle cardholder data via a PCI Compliant entity. This means your business does not have to maintain its own extended PCI licensing.
- NOAH aligns with PCI SAQ A standards, representing our ongoing commitment to payment security.
- Merchants collecting cardholder data via NOAH’s solutions must still ensure they meet fundamental PCI DSS requirements for their environment.
Learn more about PCI DSS at the official PCI Security Standards Council website.
4. Further Questions
If you have further inquiries around security, compliance, or fraud prevention, reach out to us at business@noah.com. We’re dedicated to ensuring a secure, reliable environment that instills confidence in both you and your customers.