Security & compliance

Security and verification, by design

OneSphere is built so that identity verification, access control, and an audit trail are part of the platform — not optional add-ons.

Account security

How accounts are protected

Hashed credentials

Passwords are stored only as bcrypt hashes with a strong work factor. Plaintext passwords are never written to the database or logs.

Brute-force protection

Repeated failed sign-ins trigger a temporary account lockout, and sensitive endpoints are rate-limited per client.

Role-based access

Applicants, admins, and superadmins are separated. Applicants can only ever see their own records; ownership is checked at the data layer.

Server-side validation

Every submission is re-validated on the server with the same schema used in the browser — the client copy is never trusted on its own.

Audit trail

Registrations, logins, status changes, messages, uploads, and verification events are recorded to an append-only audit log.

Hardened headers

Security response headers and sensible session cookie settings are applied across the application.

Verification

Verification is mandatory before issuance

An application can be submitted with basic details only. It cannot be approved, and a card cannot be issued, until the required identity verification has passed.

KYC

Identity verification

Required for every cardholder. Standard or enhanced depth depending on tier and jurisdiction.

KYB

Business verification

Required for business cards, in addition to identity verification of associated individuals.

GATE

Approval gate

The platform enforces verification: approval is blocked in software until the required cases have passed.

The platform is live and actively onboarding users. Customer verification is applied on a tiered, risk-based basis: lower-tier cards require basic customer information only, while higher-tier cards are subject to enhanced KYC/KYB checks and additional verification requirements.

Insurance eligibility

Additional protection for eligible cardholders.

Eligible customers may receive card-related coverage through TokenInsurance, subject to policy terms.

Eligible customer card balances may be insured up to 120,000 per card through TokenInsurance. Coverage is subject to policy terms, exclusions, verification, jurisdiction, approval criteria, and the specific scope of the insurance arrangement.

Customer benefit

Insurance eligibility adds a further trust layer for customers who want greater confidence when using a crypto-linked card platform.

Insurance coverage is not automatic or guaranteed. Eligibility, limits, exclusions, claims, and availability are determined by the applicable policy terms and provider criteria.

Audit & operational review

Audited systems. Stronger operational confidence.

OneSphere’s platform and operational processes are reviewed by ChainAccountancy, subject to audit scope and review period.

OneSphere is designed around operational controls, secure onboarding, admin-reviewed applications, status tracking, audit trails, document workflows, and compliance-aware product access. ChainAccountancy provides review of OneSphere’s platform and operational processes, subject to audit scope, review period, and applicable controls.

Customer benefit

Operational review helps support trust, transparency, and accountability across the OneSphere platform.

Audit review does not guarantee financial performance, product availability, absence of risk, or customer eligibility. Audit statements are subject to the defined review scope and period.

Ready to apply?

Start a streamlined application now — verification is completed before a card is issued.

Apply now Make an enquiry