Get StartedSign In

Security First.

Strictly, the NOAH way.
We all have enough to worry about. Your money shouldn't be one of those things. Security is serious business to us.At NOAH, we firmly believe that if it's your money, you should have full control over it — not your bank. So the only person who gets to control your money is you. Like how it should be.Content
Information and technology relating to the business of NOAH are highly valuable assets which require protection from unauthorized use, disclosure, theft, alteration or destruction.Effective information security management enables information to be collected, processed, and shared for the purposes of conducting business whilst managing the associated risks within the risk appetite of the company and in compliance with relevant regulation and legislation.

To ensure that NOAH’s security posture is robust and fit for purpose, we adhere to the UK’s National Cyber Security Centre’s Cloud Security Principles and apply these to our service partners as well.

NOAH has aligned security and privacy policies with globally recognized standards such as ISO27001, GDPR, PCIDSS, PSD2 and NIST among others and will create an operational regime that regularly tests and audits alignment with these standards.
NOAH adheres to the UK’s National Cyber Security Centre’s Cloud Security Principles with respect to the selection of cloud service providers.These principles are available here. We also follow industry-leading best practices: Least Privilege, Defense in Depth, and Zero Trust.
Least Privilege

The Principle of Least Privilege states that a subject should be given only those privileges needed for it to complete its task.

Defense in Depth

Defense in Depth (DiD) is an approach to cybersecurity in which a series of defensive mechanisms are layered in order to protect valuable data and information.

Zero Trust

A Zero Trust security strategy demands rigorous application and network security with identity, authentication, and authorization being consistently applied across all information assets and endpoints.

Keeping your account safe is our number one priority.
Cryptography

At NOAH, we chose Ephemeral Key Cryptography (EKC) for our wallet and server side Multi-Party Computation (MPC) for digital asset management. In combination, this provides just the right balance between sovereignty and utility for the broadest range of use cases.

Learn More
Wallet

The NOAH Wallet will support full Strong Customer Authentication (SCA) in alignment with the Payment Service Directive 2 (PSD2).

Learn More
Data Security

At NOAH, we use PII data scrubbing to remove personally identifying information in our stored logs.

At NOAH, we go the extra mile to make sure your assets are secure.
Penetration testing

Scheduled automated penetration testing to probe NOAH API endpoints and servers for vulnerabilities.

Web Application Firewall

WAF on NOAH API endpoints and our content delivery network, to protect API endpoints from abuse and DDoS attacks.

Network Security

AWS backbone internal network for communication between the NOAH Core and NOAH Lightning nodes for a more reliable and secure connection.

Scorechain

Third party blockchain analysis to prevent transactions related to criminal activity.

Learn More
QLDB

Quantum ledger database to keep an auditable historic record of every transaction which can be cryptographically verified.

Digital Asset Management Platform

The NOAH Digital Asset Management Platform (DAMP) is deployed to Amazon Web Services (AWS). NOAH’s DAMP utilizes a broad range of Amazon services that not only serve to harden security posture but monitor platforms in real-time to help detect and prevent intrusion, DDOS attacks, and even internal bad actors attempting to subvert our security controls.

NOAH has a responsibility to abide by and adhere to all current UK and EU legislation as well as a variety of regulatory and contractual requirements.Relevant legislation includes:
  • The Computer Misuse Act 1990
  • Data Protection Act 2018
  • General Data Protection Regulation 2016
  • The Freedom of Information Act 2000
  • Regulation of Investigatory Powers Act 2000
  • Copyright, Designs and Patents Act 1988
  • Defamation Act 1996
  • Obscene Publications Act 1959
  • Protection of Children Act 1978
  • Criminal Justice Act 2003
  • Digital Economy Act 2010
This is a non-exhaustive summary of the legislation, regulatory, and contractual obligations that contribute to the form and content of this policy. Related policies will detail other applicable legislation.
The Global Money
App of the Future
Learn more

Copyright © 2022 NOAH Savings (UK) Ltd. - Noah Savings UAB

Follow us

Twitter

Discord

LinkedIn

Telegram

Instagram