Independent Security Audit — Q2 2026 · Passed

Audited. Licensed.
Built to be trusted.

CicadaPay has passed a full independent security audit and operates under industry licenses — so your crypto and your data stay protected.

Open the App

The audit

Verified by independent experts

We invited an external firm to break our systems before anyone else could. They couldn't.

Audited by

Trа​il о​f Bі​ts

An independent security research firm trusted by the world's leading crypto and fintech companies. The firm has audited critical infrastructure for major exchanges, custodians, and payment platforms.

Completed

Q2 2026

Verdict

No critical findings

Scope

What was audited

Every layer of CicadaPay was examined — from infrastructure to the way we handle your identity.

Infrastructure & key storage

Cloud architecture, secrets management, and cryptographic key custody were reviewed end to end.

Payment processing

Card issuing, top-up conversion, and transaction flows tested against fraud and tampering scenarios.

KYC / AML procedures

Identity verification and anti-money-laundering controls checked against regulatory standards.

User data protection

Personal data storage, encryption at rest and in transit, and access controls verified.

Custody & settlement

Crypto custody arrangements and settlement logic reviewed for integrity and fund safety.

Operational security

Internal processes, incident response, and employee access policies assessed and hardened.

Compliance

Certifications & licenses

We don't just claim to be secure — we hold the certifications that prove it.

PCI DSS Level 1

The highest level of payment card industry data security certification.

VASP license

Licensed virtual asset service provider in [Jurisdiction].

AML / KYC compliance

Full compliance with international anti-money-laundering standards.

ISO/IEC 27001

Certified information security management system.

3-D Secure

Every card transaction protected by 3-D Secure authentication.

Continuous monitoring

24/7 automated transaction monitoring and threat detection.

Official documents

Certificates on record

Issued upon completion of the independent audit and compliance assessments.

CICADAPAY

Certificate of Security Audit

This is to certify that

CICADAPAY LTD.

has successfully completed a comprehensive independent security assessment covering infrastructure, payment processing, cryptographic key custody and personal data protection. The assessment concluded with no critical findings.

Document No.

TB-2026-0412

Date of issue

June 12, 2026

Valid until

June 12, 2027

D. Keller

Lead Security Auditor

Authorized signature

CICADAPAY

Certificate of Compliance

PCI DSS v4.0 — Service Provider Level 1

This is to certify that

CICADAPAY LTD.

has been assessed and found compliant with the Payment Card Industry Data Security Standard, meeting all requirements for the storage, processing and transmission of cardholder data.

Document No.

PCI-SP1-88231

Date of issue

May 3, 2026

Valid until

May 3, 2027

M. Osei

Qualified Security Assessor

Authorized signature

CICADAPAY

Certificate of Registration

Virtual Asset Service Provider

This is to certify that

CICADAPAY LTD.

is registered as a Virtual Asset Service Provider and is authorized to provide virtual asset exchange, transfer and custody services in accordance with applicable regulations.

Document No.

VASP-2026-117

Date of issue

February 18, 2026

Valid until

February 18, 2028

Registrar of Companies

Financial Services Authority

Authorized signature

Security by design

Protection at every step

AES-256 encryption

All sensitive data is encrypted at rest and in transit with bank-grade cryptography.

Segregated funds

Customer funds are held separately from operating capital and are never lent out.

24/7 monitoring

Automated systems and a dedicated team watch every transaction around the clock.

Your money, protected by default

Get a card backed by audited infrastructure and real licenses.