Safety & Compliance Hub • Updated Mar 2026

SECTION 9: SECURITY PROTOCOLS, AUTHENTICATION, AND DATA INTEGRITY

00:00 ...
Ready to read


9.1. User Responsibility for Account Security

Zelencio provides industry-leading security tools, but the ultimate safety of your assets depends on your personal security hygiene.

  • Confidentiality: You are solely responsible for maintaining the confidentiality of your login credentials, including your email password, 5-digit App PIN, and Google Authenticator (2FA) secret keys.

  • Unauthorized Use: You agree to notify Zelencio immediately at security@zelencio.com if you suspect any unauthorized access, security breach, or compromise of your mobile device.

  • Negligence: Zelencio shall not be liable for any loss of funds resulting from your failure to secure your account or for "Social Engineering" attacks (e.g., sharing your PIN or 2FA code with a third party pretending to be Zelencio Support).

9.2. Multi-Layered Authentication (MFA) Protocols

To ensure the standard of a global financial exchange, Zelencio enforces a multi-layered authentication framework:

  • The App PIN: A mandatory 5-digit numeric code required to access the application and execute sensitive internal actions.

  • Biometric Authentication: Zelencio utilizes official Android/iOS Biometric APIs (Fingerprint and Face ID) for rapid access. You acknowledge that biometric data is stored locally on your device and is not transmitted to Zelencio servers.

  • Google 2FA (The "Hard Lock"): For all outbound transactions (Withdrawals, Vouchers, P2P release), Google Authenticator (2FA) is mandatory. You acknowledge that if you lose access to your 2FA device without having saved your "Recovery Key," the account recovery process may take up to 7 business days and require manual physical verification.

9.3. Authorized Device Tracking and Fingerprinting

Zelencio logs technical metadata to detect and prevent unauthorized logins.

  • Logged Data: To protect your account, we record the Device IP, Device Name/Model, Network Type, and Approximate Location for every login session.

  • Source Verification: In the event of a login from an unrecognized device or a high-risk IP address (e.g., a known malicious VPN), Zelencio may automatically suspend withdrawal features for 24–48 hours as a security precaution.

  • Device Management: Users can view and manage "Authorized Devices" within the Security Settings. Removing a device will immediately invalidate all active sessions on that hardware.

9.4. Secure Transaction Approval (The "Confirmation Loop")

All financial movements on the Zelencio Internal Ledger require a "Confirmation Loop":

  • Visual Review: A summary of the asset, amount, and fees is displayed.

  • Slide-to-Confirm: A high-friction gesture to prevent accidental "pocket-trading" or unintended execution.

  • The Final Auth: Execution is only completed after the input of the 5-digit PIN and/or the 6-digit 2FA code. You agree that once these credentials are submitted, the transaction is considered "User-Authorized" and cannot be reversed by the platform.

9.5. Data Storage and Encryption Standards

Zelencio adheres to the principle of "Data Segregation" to ensure the highest levels of privacy:

  • Confidential KYC Data: All sensitive identity documents, liveness videos, and personal information are stored on high-security, AES-256 encrypted internal servers. This data is never shared with third-party marketing firms.

  • Non-Confidential Media: Profile pictures and P2P chat attachments may be processed via encrypted third-party storage providers (e.g., Cloudinary). By uploading media, you consent to this processing.

  • Zero-Knowledge PINs: Zelencio does not store your App PIN in a readable format. It is cryptographically "hashed," meaning even Zelencio employees cannot view your PIN.

9.6. System Integrity and Maintenance

  • Downtime: Zelencio strives for 99.9% uptime. However, periodic maintenance is required to update the matching engine and security protocols. Zelencio is not liable for losses caused by the inability to execute trades during scheduled or emergency maintenance windows.

  • Software Updates: To maintain security, you are required to use the latest version of the Zelencio app. Using an outdated or "Jailbroken/Rooted" device violates this security policy and may result in account restriction.

9.7. Limitation of Technological Liability

While we utilize global WebSockets and enterprise-grade infrastructure, you acknowledge that no digital system is 100% secure. Zelencio is not liable for "Force Majeure" events, including large-scale internet outages, blockchain network failures (forks/hacks), or sophisticated zero-day exploits beyond the reasonable control of the platform.


ZELENCIO TERMS OF SERVICE and USER AGREEMENT close
Section 1: General Provisions and Scope of ServicesSECTION 2: ACCOUNT ELIGIBILITY AND IDENTITY VERIFICATION (KYC/AML)SECTION 3: DIGITAL ASSET MANAGEMENT AND TRANSFER PROTOCOLSSECTION 4: TRADING OPERATIONS, EXECUTION ENGINE, AND MARKET DATASECTION 5: USER-TO-USER U2U/P2P CRYPTO TRADINGSECTION 6: THE ZELENCIO ESCROW HUB (DIGITAL PRODUCTS)SECTION 7: FEES, FINANCIAL CHARGES, AND TAXATIONSECTION 8: PROHIBITED ACTIVITIES, FRAUD PREVENTION, AND TERMINATIONSECTION 9: SECURITY PROTOCOLS, AUTHENTICATION, AND DATA INTEGRITYSECTION 10: INTELLECTUAL PROPERTY, USER CONTENT, AND LEGAL PROVISIONS