We always encourage our users to take custody of their own coins as soon as possible. When you purchase Bitcoin using Swan, your coins are stored by a licensed and regulated Nevada chartered trust company, Prime Trust, which secures billions of dollars worth of fiat and cryptocurrency for some of the biggest companies in the industry.
Your Bitcoin and USD is stored under your name with Prime Trust, with you as the sole legal owner. Swan does not have the ability to move your funds.
In order to ensure that Swan cannot move Bitcoin out of your account, you will receive a direct confirmation of withdrawal from Prime Trust whenever you withdraw your Bitcoin. This email is delivered directly from Prime Trust, and requires your authorization for withdrawals.
ACH withdrawals from bank accounts have a sixty day dispute window. That means someone could fund their Swan account, withdraw their Bitcoin, and then tell their bank that the charge was fraudulent, leaving Swan to foot the bill.
In order to offer you the lowest fees possible for automated ACH purchases, and to ensure that Swan itself is not at risk of insolvency due to fraud, we require all Bitcoin to pass the 60 day ACH reversal window. During this time, your Bitcoin is custodied with a licensed and regulated Nevada-chartered trust company, Prime Trust.
Wire transfers are coming soon, and will enable you to withdraw Bitcoin after just one day.
When you supply your bank account information to Swan, it is passed to and stored directly with Prime Trust, a licensed and regulated trust company, into an account registered legally under your name. Swan never stores your bank information and has no ability to withdraw from your bank.
Bank withdrawals via ACH are initiated directly by Prime Trust. Once the money clears in Prime Trust, a trade is executed by Prime Trust to convert your fiat money to Bitcoin at the current market price.
Swan stores the minimal personal data required to be compliant with regulations. Currently, this is limited to your name, email, address, phone number, and date of birth. This information is stored in an encrypted database.
While our site collects social security numbers and identity documentation as required by law to open a trust account with Prime Trust, this information is relayed over an encrypted connection directly to Prime Trust and never stored on Swan servers.
- All Swan data is stored encrypted with military-grade AES-256 encryption.
- All traffic is encrypted using industry standard TLSv1.2 encryption.
- Swan does not store nor have access to the private keys for Bitcoin stored with our custodial partner, Prime Trust.
- Swan follows the Center For Internet Security Benchmarks for security standards.
The entirety of your fiat and Bitcoin holdings is stored in an account in your name with Prime Trust. In the unlikely event of Swan winding up operations, you still have legal control of funds stored within Prime Trust and can request disbursement using your email. Please contact Prime Trust for more information.
As always, we encourage you to withdraw your Bitcoin often to a secure wallet whose keys you control.
If you have found a critical security vulnerability, please practice responsible disclosure by reporting it and giving us a chance to respond.
We will consider bounties for disclosures that include a proof of concept and lead to the direct compromise of user data. Reports that are related to best practices including missing headers will not be rewarded.
Please do not run vulnerability scanners against our site. We have our own scans running and will not reward reports found from automated scans.
To keep our security program focused and useful, we disqualify reports that are on Google's list of non-qualifying reports. Please note that this list is a non-exhaustive guideline. If your report falls into one of those categories, it will likely not be rewarded. Please review the list prior to submitting your report.