Security features
How does LocalRipple.co keep me safe?

Security is a factor of major importance when it comes to handling money. LocalRipple.co does not take security lightly and we would hereby like to share the measures we've taken to keep you safe.

Here's a list of security measures we've taken :

  • No cookies or client-side data
    Our belief is that any kind of client-side data can be manipulated in ways that could harm a system, therefor we decided that in order to offer the most secure trading platform all data should be stored on our servers. LocalRipple.co uses sessions instead of the traditional cookies to store user data after login.

  • No virtual wallets
    Although it would be considerably easier to code and make use of the XRP that is stored within a virtual wallet on our side, we do not believe that such a platform would benefit our members in any way. Way too many exchange services have been hacked and huge amounts of money have been stolen simply because the exchange services were requesting their members to keep their currency within virtual wallets handled by the exchange services.

    LocalRipple.co would rather let its members keep their own money and access those funds only on request. Our way is the only 100% guaranteed safety method.

  • No permanent data storage
    LocalRipple.co does not permanently store any kind of personal data that could serve possible identity theft. Transaction messages are kept for a maximum of 180 days while identity verification data is deleted once the process is completed.

  • No 3rd party apps used for secured actions such as login / registration
    While we do not question the security of 3rd party CAPTCHA services such as Google's reCAPTCHA, we consider that the best way to keep our members safe is to code our own stuff. Usage of 3rd party apps can always lead to spoofed data and we would rather not have that.

  • One way encryption for sensitive data such as passwords
    LocalRipple.co uses a one way encryption function for passwords that includes an md5() encryption alongside a variable token generated based on various other member and server data. Bottom line is that even if we wanted to decrypt your password ourselves we wouldn't be able to.

  • Watermarking images and storing them in our database instead of a localised file
    At times you will have to send image proofs for your transactions. Aside from the fact that those images will not be permanently stored on our servers, we also decided to store them as an encrypted string in our database rather than storing them as a local file. Rendering these images is only made through a function that watermarks the image to prevent potential misuse.