• Security & Trust Hub

  • Data Protection

  • Account Security

  • Incident Response

  • FAQ & Best Practices

  • Extra Steps We Take

Spotted a security bug or vulnerability?

Let us know — every report goes straight to our security team for review

Security & Trust Hub

Your trust is our top priority. Discover how we protect users, artists, and artworks

CIFRA platform is founded on the principles of transparency, reliability, and continuous security enhancement. We recognize that trust is the foundation of the digital art ecosystem. That’s why we are dedicated to robust data security, service sustainability, and community engagement.

Found a security issue?

Email security@cifra.com — we welcome responsible reports and thank researchers for helping

Spotted a security bug or vulnerability?

Let us know — every report goes straight to our security team for review

Data Protection

  • All personal data (logins, passwords, contact details) is secured with strong encryption

  • Original artworks are stored in secure, private cloud storage. Only preview copies are displayed online keeping the originals inaccessible to anyone else

  • In public areas, every artwork is watermarked and displayed as a 20-second preview to prevent unauthorized use

  • Advanced cybersecurity tools block attacks and filter malicious traffic

  • We never share your data with third parties unless we are required to do so by law, or we have your explicit consent

  • Payments are processed by trusted services like Stripe and Apple Pay. We don’t store your card details

  • New features are reviewed for privacy compliance before launch

Account Security

Two-factor authentication (2FA)

  • Works with TOTP apps (e.g., Google Authenticator)

  • Strongly recommended for protecting your profile and collections

Access management

  • Our team is granted access only to the data essential for their specific roles

  • You get tips for creating strong passwords, and we check new passwords against known data breaches

  • We conduct regular audits to ensure the security of all accounts and processes

Incident Response

  • If you notice suspicious activity (hacking, phishing, leaks), report it to security@cifra.com

  • Our monitoring runs 24/7

  • We aim to respond to urgent incidents within 2 hours — and work hard to prevent them in the first place

FAQ & Best Practices

Best practices

  • Always enable 2FA

  • Never share your password. Use a password manager

  • Check emails and links carefully to avoid phishing

  • Log in only from trusted devices and networks

Common questions

Do you store my card details?

No. Payments go through secure third parties.

What if I lose account access?

What if illegal content is uploaded?

Can my artwork be stolen in preview?

How do you stop downloads of my work?

What if my password leaked elsewhere?

What if someone posts my work without permission?

How are payments secured?

What if I get a fake email from CIFRA?

Extra Steps We Take

  • All code is checked for security before release

  • We constantly scan for vulnerabilities and fix them fast

  • Our development systems are isolated and protected

  • Artists who earn royalties go through ID checks (KYC), to prevent fraud and comply with international law

  • New partners and services are security-reviewed before joining the platform

  • All business processes are checked against best security standards