Serious about Security.

We practice security as if it's our own life savings.

A platform built for crypto's unique risks.

And redundancy on top of redundancy, because we’re paranoid.

Organizational Security.

We protect your data by following key security principles: Confidentiality, Integrity, and Availability. Our approach aligns with top industry standards like ISO 7200x, NIST, and OWASP to ensure your personal information is kept safe and private.

Daily Offsite Backups.

We also perform daily offsite backups, securely stored on Canadian servers.

Data Protection.

Our dedicated in-house team uses modern security controls, including Zero Trust (always verifying access), RBAC (permissions based on roles), MFA (extra login protection), and monitoring systems like SIEM and SORE to detect and respond to threads.

Insurance & Theft Protection.

We maintain comprehensive crypto asset insurance to help protect against loss or theft. Over 80% of assets are stored offline in secure cold storage, reducing risk and strengthening our security posture.

Data Encryption.

We use AES256-bit encryption and TLS across all network connections to securely protect all of our data, backups and tokens, ensuring they stay confidential and out of the wrong hands.

SOC 2 Type 2 Certified.

Newton is SOC 2 Type II certified, which means that our security controls are not only well-designed but also regularly audited to meet regulatory expectations.

Find out more about
our security practices

How do I know I can trust you?

Newton was started by a team of experienced Canadian entrepreneurs and has strong financial backing. Our goal is to set a strong example for good corporate citizenship in the cryptocurrency space. And if you still don't trust us, we've made it really easy to withdraw crypto into your own wallet for safekeeping.

Newton has undergone a rigorous review and approval process with the Ontario Securities Commission (OSC) and the other members of the Canadian Securities Administrators (CSA) and is one of a small number of registered crypto trading platforms registered to operate in Canada. The registration process included extensive reviews of our internal financial, compliance and security processes as well as requirements related to working capital, insurance, and the storage and custody of our customers’ fiat and crypto assets.

We don't hide behind a veil of anonymity — our CEO's name is Dustin Walper, and rumour has it he does birthday parties for Bitcoin.

Cryptocurrency exchanges seem to get hacked a lot. What’s your hacking prevention plan?

Newton enforces security requirements internally, including mandatory password rules, internal security audits, and conducts regular penetration testing.

We rely on trusted-third party custodians to store the vast majority of our customer crypto assets in secure locations with no access to the internet (aka “cold storage”).

Our customers’ custodied assets are also insured against hacks and theft.

How do I report a bug?

At Newton, security of the platform and our users is our top priority. You can follow this link here to read up on our process for reporting a security vulnerability. At the bottom of the page there is a form that you can fill out to have a direct method of contact with our security team who will take a look at the issue further. Please be as detailed as possible when describing the nature of the issue.

How do I know my personal Information is secure/What do you do with my Personal information?

The best place to understand how we protect your privacy can be found here at https://www.newton.co/privacy

As part of our measures to confirm your identity (and the identity of each beneficial owner), we may also use third party identification service providers such as Persona Identities Inc. (“Persona”) and others. To learn more about Persona’s privacy practices, please visit https://withpersona.com/legal/privacy-policy.

Newton doesn’t share personal identification data except in cases as identified in our Terms of Use and our Privacy Policy, and in cases where we are required to by law.

Newton App dashboards on web

Security that goes beyond the app.

A customer-centered approach to protect your digital assets.

Monitoring & Incident Response.

Our systems are monitored 24/7/365 to detect and respond to threats in real time. We conduct regular audits and internal control reviews to ensure operational resilience and regulatory alignment.

Threat Management.

We perform annual third-party penetration tests and monthly internal security reviews. Our active Bug Bounty program encourages responsible disclosure and helps us stay ahead of evolving threats.
Learn more

Canadian Regulation and Privacy.

We align with Canadian financial and privacy regulations, including the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), the Canadian Investment Regulatory Organization (CIRO), the Canadian Securities Administrators (CSA), the Autorité des marchés financiers (AMF), the Personal Information Protection and Electronic Documents Act (PIPEDA), and Quebec’s Law 25. 
We don't normally like to brag, but here are some of the reasons why our customers love using Newton.