FREQUENTLY ASKED QUESTIONS
1. What is the Vaultavo Custody Solution?
The Vaultavo Custody Solution enables the secure custody of digital assets. Using a first-in-the-world biometrically enabled custody smart card (Vaultavo Card) and Vaultavo’s state-of-the-art proprietary designed and manufactured vault (Vaultavo Vault), the Vaultavo Custody Solution protects digital assets in a unique fashion by securely and biometrically creating and managing the private key on the Vaultavo Card.
2. How is the Vaultavo Custody Solution deployed in a business?
The Vaultavo Custody Solution integrates seamlessly into any business flow. It does not interfere with normal business functions. It is a plug and play solution that can either be integrated into an existing backend system via API or be accessed via front-end interfaces (Vaultavo Portals) developed by Vaultavo.
3. How is the Private key generated and stored?
The Private key is generated using a fingerprint as well as a random number generator and is stored and managed on the Vaultavo Card. The private key is used to derive the blockchain keys for transactional purposes. The Vaultavo Cards that contain the private key/s are stored in the Vaultavo Vault (Vaulted Cards).
4. Is the fingerprint used as the seed to generate the private key?
The fingerprint is a portion of the seed. The seed is part random number generated and part fingerprint.
5. How is access provided to the Vaultavo Custody Solution?
The Vaultavo Custody Solution is accessed using the Vaultavo Card together with one of the Vaultavo Portals on Android, IOS or Web. An API is also available for integration into an existing back-end of an organization.
6. How and who manages the user set up/changes of the Vaultavo Custody Solution?
The appointed security administrator and appointed accounts administrator of the organisation utilizing the Vaultavo Custody Solution, will be responsible for defining and managing the various user roles. The appointed security administrator will set up and create the profiles of the other role players within the organization (such as the accounts administrator, transaction initiator and transaction verifier). The appointed accounts administrator will create the client accounts and further define the organization’s related rules and policies. The aforesaid serves to separate the roles and responsibilities pertaining to the custody flow within the organization.
1. How does the Vaultavo Custody Solution facilitate the initiation and verification of transaction?
Designated transaction initiators and transaction verifiers are each issued with a Vaultavo Card which is activated with their respective fingerprints.
Using the Vaultavo Card and the Vaultavo Portal, or via API, the transaction initiator selects the crypto currency, the destination address where the crypto needs to be sent, as well as the client account number. The selected information is displayed on the e-Ink display of the transaction initiator’s Vaultavo Card and verified by the transaction initiator. To initiate the transaction, the transaction initiator places his/her fingerprint on his/her Vaultavo Card’s fingerprint reader. The Vaultavo Card generates an encrypted message with all the transactional information. This encrypted message is sent to the Vaultavo Digital Platform. The Vaultavo Digital Platform notifies the transaction verifier and displays the transactional information on the e-Ink display of Vaultavo Card issued to the transaction verifier and request verification of the transaction.
The transaction verifier then has the option to approve or decline the transaction. A transaction verifier cannot change any of the transactional information. Approving or declining a transaction is done biometrically, by the transaction verifier placing his/her fingerprint on his/her Vaultavo Card’s fingerprint reader. The Vaultavo Card then generates another encrypted message that is sent to the Vaultavo Digital Platform.
Each transaction is initiated and verified as per the custody rules and policy defined by the organization utilizing the Vaultavo Custody Solution. These rules and policies can include confirmation of funds, checking of the KYC, blacklists, white lists, time locks and any other checks defined by the accounts administrator of the organization.
Once a transaction is verified by the transaction verifier, an encrypted messages is sent to the Vaulted Card in the Vaultavo Vault. The Vaulted Card in the Vaultavo Vault decrypts each message and confirms its authenticity and verifies the rules against the organization’s policy – for example limits, whitelisting, backlisting, etc.
The transaction is then created, signed and pushed onto the blockchain via secure blockchain nodes.
The progress of the transaction is monitored on the blockchain, and once completed, it is marked as “completed” on the Vaultavo Digital Platform and can be viewed on the Vaultavo Portal or via API.
2. For what type of assets can the Vaultavo Custody Solution be utilized?
The Vaultavo Custody Solution can be utilized for the custody of any asset that is on a blockchain, be it public or private – this includes NFT’s. Initially the Vaultavo solution will support the top ten (10) crypto currencies, however, more will be added over time. If any client require a custody solution for a particular digital asset not already provided for under Vaultavo’s offering, it can be developed and implemented.
3. Does Vaultavo provide exchange between crypto and fiat, and vice versa?
No, Vaultavo does not provide exchange between crypto and fiat, nor vice versa.
1. What are the features and relative security aspects of the Vaultavo Card?
The Vaultavo Card is the world’s first biometric enabled digital asset custody smart card. The Vaultavo Custody Solution protects blockchain assets in a unique fashion by securely creating and managing the private key on a bank grade secure card, thereby enabling our clients to securely protect blockchain assets, and enabling ease of access to blockchain assets.
The Vaultavo Card has an EMV 7 certified microchip, a fingerprint reader, an E-Ink display to verify transactions, a rechargeable battery, as well at various connection types to make it connectable to computers and mobile phones.
The private-public key pairs get created and stored on the Vaultavo Card using a fingerprint as a part of the seed for random number generation, when the card gets activated. The only way to access the private key is using that fingerprint and the card.
2. How are my assets protected in terms of the technology used by Vaultavo?
The private key does not leave the Vaultavo Card and is secured by biometrics. It is not in a database, nor in the cloud. Only with a fingerprint can transactions be initiated and verified. Fingerprints cannot be replicated as each fingerprint it is linked to a designated Vaultavo Card.
3. What type of monitoring and controls are carried out to ensure security?
Monitoring and controls are done through roles and responsibilities, whereby a transaction initiator cannot be a transaction verifier, and vice versa. Role settings are done by the appointed security administrator of the related organization (also refer to ‘Section A.6.’ above). A policy engine is in place that enforces all the security measures applicable to transactions. Biometrics are captured and stored for every transaction and included in logs and reporting.
4. What happens if a mobile phone is lost?
The mobile phone only holds the application and only acts as an interface. To access the application, the Vaultavo Card and related fingerprint is required. Once the client gets a new mobile phone, the Vaultavo application can be reinstalled and used with the Vaultavo Card that was issued to the client and activated by that client.
1. What happens if a card is lost?
If any Vaultavo Card is lost, the appointed security administrator marks said Vaultavo Card as lost and issues a new Vaultavo Card. Each Vaultavo Card carries a serial number. The lost Vaultavo Card is replaced with a new Vaultavo Card and serial number. A backup mechanism is in place for the Vaulted Card in the Vaultavo Vault which holds the private key. The key is wrapped with the fingerprint of the client and encrypted with a backup key and securely stored. The backup key(s) is/are owned by the relevant organization not by Vaultavo, as per normal security protocols. To restore the private key, the fingerprint of the related Vaultavo Card holder is required.
1. What type of storage does Vaultavo provide – Hot or Cold?
The Vaultavo Custody Solution cannot be classified as either Hot or Cold. Although the Vaultavo Vault, that holds the Vaulted Cards which hold the private keys, is permanently connected to the internet, a Vaultavo Card and fingerprint is always required to initiate and verify transactions. The Vaultavo Custody Solution is therefore 100% secure and neither Hot nor Cold.
2. Does Vaultavo hold a backup in a different location?
Backups are held either in a secure location designated by our client or in a secure location managed by Vaultavo. Biometrics are always required to access the system, making it 100% secure.
3. What type of encryption is adopted by Vaultavo?
Vaultavo follows proven standards for encryption which have been used widely in the industry for a long period of time.
For messaging, Vaultavo applies the industry standard AES Dukpt methods. Transaction signing is in line with the relevant blockchain standard.
Vaultavo uses the new-age Hierarchical Deterministic wallet structure that automatically generates a hierarchical tree-like structure of private-public blockchain addresses (or keys), thereby addressing the problem of the user having to generate them on their own.
1. What is the Vaultavo Custody Solution?
The Vaultavo Custody Solution enables the secure custody of digital assets. Using a first-in-the-world biometrically enabled custody smart card (Vaultavo Card) and Vaultavo’s state-of-the-art proprietary designed and manufactured vault (Vaultavo Vault), the Vaultavo Custody Solution protects digital assets in a unique fashion by securely and biometrically creating and managing the private key on the Vaultavo Card.
2. How is the Vaultavo Custody Solution deployed in a business?
The Vaultavo Custody Solution integrates seamlessly into any business flow. It does not interfere with normal business functions. It is a plug and play solution that can either be integrated into an existing backend system via API or be accessed via front-end interfaces (Vaultavo Portals) developed by Vaultavo.
3. How is the Private key generated and stored?
The Private key is generated using a fingerprint as well as a random number generator and is stored and managed on the Vaultavo Card. The private key is used to derive the blockchain keys for transactional purposes. The Vaultavo Cards that contain the private key/s are stored in the Vaultavo Vault (Vaulted Cards).
4. Is the fingerprint used as the seed to generate the private key?
The fingerprint is a portion of the seed. The seed is part random number generated and part fingerprint.
5. How is access provided to the Vaultavo Custody Solution?
The Vaultavo Custody Solution is accessed using the Vaultavo Card together with one of the Vaultavo Portals on Android, IOS or Web. An API is also available for integration into an existing back-end of an organization.
6. How and who manages the user set up/changes of the Vaultavo Custody Solution?
The appointed security administrator and appointed accounts administrator of the organisation utilizing the Vaultavo Custody Solution, will be responsible for defining and managing the various user roles. The appointed security administrator will set up and create the profiles of the other role players within the organization (such as the accounts administrator, transaction initiator and transaction verifier). The appointed accounts administrator will create the client accounts and further define the organization’s related rules and policies. The aforesaid serves to separate the roles and responsibilities pertaining to the custody flow within the organization.
1. How does the Vaultavo Custody Solution facilitate the initiation and verification of transaction?
Designated transaction initiators and transaction verifiers are each issued with a Vaultavo Card which is activated with their respective fingerprints.
Using the Vaultavo Card and the Vaultavo Portal, or via API, the transaction initiator selects the crypto currency, the destination address where the crypto needs to be sent, as well as the client account number. The selected information is displayed on the e-Ink display of the transaction initiator’s Vaultavo Card and verified by the transaction initiator. To initiate the transaction, the transaction initiator places his/her fingerprint on his/her Vaultavo Card’s fingerprint reader. The Vaultavo Card generates an encrypted message with all the transactional information. This encrypted message is sent to the Vaultavo Digital Platform. The Vaultavo Digital Platform notifies the transaction verifier and displays the transactional information on the e-Ink display of Vaultavo Card issued to the transaction verifier and request verification of the transaction.
The transaction verifier then has the option to approve or decline the transaction. A transaction verifier cannot change any of the transactional information. Approving or declining a transaction is done biometrically, by the transaction verifier placing his/her fingerprint on his/her Vaultavo Card’s fingerprint reader. The Vaultavo Card then generates another encrypted message that is sent to the Vaultavo Digital Platform.
Each transaction is initiated and verified as per the custody rules and policy defined by the organization utilizing the Vaultavo Custody Solution. These rules and policies can include confirmation of funds, checking of the KYC, blacklists, white lists, time locks and any other checks defined by the accounts administrator of the organization.
Once a transaction is verified by the transaction verifier, an encrypted messages is sent to the Vaulted Card in the Vaultavo Vault. The Vaulted Card in the Vaultavo Vault decrypts each message and confirms its authenticity and verifies the rules against the organization’s policy – for example limits, whitelisting, backlisting, etc.
The transaction is then created, signed and pushed onto the blockchain via secure blockchain nodes.
The progress of the transaction is monitored on the blockchain, and once completed, it is marked as “completed” on the Vaultavo Digital Platform and can be viewed on the Vaultavo Portal or via API.
2. For what type of assets can the Vaultavo Custody Solution be utilized?
The Vaultavo Custody Solution can be utilized for the custody of any asset that is on a blockchain, be it public or private – this includes NFT’s. Initially the Vaultavo solution will support the top ten (10) crypto currencies, however, more will be added over time. If any client require a custody solution for a particular digital asset not already provided for under Vaultavo’s offering, it can be developed and implemented.
3. Does Vaultavo provide exchange between crypto and fiat, and vice versa?
No, Vaultavo does not provide exchange between crypto and fiat, nor vice versa.
1. What are the features and relative security aspects of the Vaultavo Card?
The Vaultavo Card is the world’s first biometric enabled digital asset custody smart card. The Vaultavo Custody Solution protects blockchain assets in a unique fashion by securely creating and managing the private key on a bank grade secure card, thereby enabling our clients to securely protect blockchain assets, and enabling ease of access to blockchain assets.
The Vaultavo Card has an EMV 7 certified microchip, a fingerprint reader, an E-Ink display to verify transactions, a rechargeable battery, as well at various connection types to make it connectable to computers and mobile phones.
The private-public key pairs get created and stored on the Vaultavo Card using a fingerprint as a part of the seed for random number generation, when the card gets activated. The only way to access the private key is using that fingerprint and the card.
2. How are my assets protected in terms of the technology used by Vaultavo?
The private key does not leave the Vaultavo Card and is secured by biometrics. It is not in a database, nor in the cloud. Only with a fingerprint can transactions be initiated and verified. Fingerprints cannot be replicated as each fingerprint is linked to a designated Vaultavo Card.
3. What type of monitoring and controls are carried out to ensure security?
Monitoring and controls are done through roles and responsibilities, whereby a transaction initiator cannot be a transaction verifier, and vice versa. Role settings are done by the appointed security administrator of the related organization (also refer to ‘Section A.6.’ above). A policy engine is in place that enforces all the security measures applicable to transactions. Biometrics are captured and stored for every transaction and included in logs and reporting.
4. What happens if a mobile phone is lost?
The mobile phone only holds the application and only acts as an interface. To access the application, the Vaultavo Card and related fingerprint is required. Once the client gets a new mobile phone, the Vaultavo application can be reinstalled and used with the Vaultavo Card that was issued to the client and activated by that client.
1. What happens if a card is lost?
If any Vaultavo Card is lost, the appointed security administrator marks said Vaultavo Card as lost and issues a new Vaultavo Card. Each Vaultavo Card carries a serial number. The lost Vaultavo Card is replaced with a new Vaultavo Card and serial number. A backup mechanism is in place for the Vaulted Card in the Vaultavo Vault which holds the private key. The key is wrapped with the fingerprint of the client and encrypted with a backup key and securely stored. The backup key(s) is/are owned by the relevant organization not by Vaultavo, as per normal security protocols. To restore the private key, the fingerprint of the related Vaultavo Card holder is required.
1. What type of storage does Vaultavo provide – Hot or Cold?
The Vaultavo Custody Solution cannot be classified as either Hot or Cold. Although the Vaultavo Vault, that holds the Vaulted Cards which hold the private keys, is permanently connected to the internet, a Vaultavo Card and fingerprint is always required to initiate and verify transactions. The Vaultavo Custody Solution is therefore 100% secure and neither Hot nor Cold.
2. Does Vaultavo hold a backup in a different location?
Backups are held either in a secure location designated by our client or in a secure location managed by Vaultavo. Biometrics are always required to access the system, making it 100% secure.
3. What type of encryption is adopted by Vaultavo?
Vaultavo follows proven standards for encryption which have been used widely in the industry for a long period of time.
For messaging, Vaultavo applies the industry standard AES Dukpt methods. Transaction signing is in line with the relevant blockchain standard.
Vaultavo uses the new-age Hierarchical Deterministic wallet structure that automatically generates a hierarchical tree-like structure of private-public blockchain addresses (or keys), thereby addressing the problem of the user having to generate them on their own.