Cryptocurrency platform Axioma CryptoPSP

Task

AXIOMA creates a universal cryptocurrency platform, on the basis of which you can offer cryptocurrency services that provide your clients with financial solutions in different configurations. In other words, we are developing a modular system that contains all the components of a crypto banking.
We use this platform to create custom projects for our clients, as well as to launch our own projects together with business partners.
We are constantly adding new functionality, and below you can see the modules that have already been released.
The date of the last update: 28.01.2022

Result

Key features

  • Exchange of fiat and cryptocurrency
  • Clients' payments acquiring in cryptocurrency on the merchant's website
  • Fiat-cryptocurrency purchase with the payments by Visa and MasterCard 
  • Cryptocurrency custody services
  • Creation of investment accounts for clients, purchase of shares in investment portfolios

Projects implemented on the platform:

DoroEX, purchase and exchange of cryptocurrency

AlteWay, crypto acquiring and investments

Payments' acquiring for merchants

  • merchants registration
  • two-factor authentication
  • API keys generating and disabling
  • the list of the customer transactions with the current status
  • withdrawal requests
  • funds conversion (coming soon)
  • API for integration of the platform and the merchant's website
  • receiving funds in BTC. Unique BTC address under one private key is created for each transaction
  • partial payments handling
  • payment widget: embeds to the merchants' website, shows the QR code for payment in BTC, displays current payment status
  • plugin for wordpress/woocommerce
  • convert fiat currency to crytpocurrency at the current exchange rate

Cryptocurrency exchange for fiat

  • card payment provider integration for payments by Visa/Mastercard
  • KYC procedure for customers
  • current exchange rate receiving
  • payment commission management
  • automatic withdrawal orders to customer address

User account

  • Deposit to the balance by wire transfer, card payment or cash
  • Crypto and fiat balance of the account on the platform
  • Withdrawal order form
  • Investment portfolio management - portfolio return statistics, shares buying and selling
  • Displaying of current verification level and limits

Platform administration

  • Access restriction by IP addresses, two-factor authentication
  • Merchant and customer management
  • Platform turnover and revenue statistics
  • Processing of withdrawal orders
  • Confirmation of incoming payments
  • Commission management:
  • for exchange
  • for cryptocurrency purchase
  • for withdrawal
  • fixed and in percentages
  • set for all operations, for a certain currency or individual for merchant/customer

Security

The service does not have direct access to the cryptocurrency. All the funds are stored on the cold wallets, that only administrator has access to. Possible attack vectors that can lead to the loss of funds, and ways to counter them:

  • Attack on the administrator, social ingeneering, in order to gain access to cold wallets.
    Counteraction: following best practices in personal cryptocurrency wallets storage and management.
  • Attack on servers in order to spoof withdrawal order.
    Counteraction: vulnarability tracking in the installed software, update software to the latest version, using of white list of IP addresses for the access.
  • Attack on the ustomer in order to generate withdrawal order to the intruders' wallets.
    Counteraction: two-factor onfirmation of the withdrawal order, disclaimer in case the customer loses control over his device with Google Authenticator.
  • Substitution of the generated address of the BTC wallet, to which the transaction is made.
    Counteraction: similar to “Attack on servers in order to spoof withdrawal order”, deposits monitoring to the cold wallet, payment function disabling in suspitious situation.

Investment portfolio

  • Creation of investment accounts
    • Client invstment agreements and investment portfolio
    • Portfolio return indication

Next steps plan

  • Adding new cryptocurrencies, primarily ETH, ERC-20 Tokens including USDT
  • Analytics and reports section
  • Provision of custody storage services, including commissions and accounting
  • Integration with the exchange and automation of transactions for the purchase and sale of cryptocurrency to balance liquidity
  • Lending module
  • Automation the creation of private wallets for the clients and distributed management through multisig
  • Mobile applications, functionality of a non-custody multi-currency wallet
  • Automation of the creation of transactions at the clients' withdrawal order from the hot wallet of the platform. Implementation options:
    • Implementation via Multisig. One key is on the server, the second one - on the device of the operator, both should sign. The server generates the transaction and signs it by its key, after that operator sign the transaction. The operator follows anti-fraud policies.
    • Implementation via HSM (Hardware Security Module). This is the hardware that is placed in the data center and, at the request of the server, signs transactions with the key that it stores inside. The keys inside HSM is securely protected and the chance of it being hacked is negligible.

Screenshots of the projects that are launched on our platform

The functionality may differ from the above mentioned and what is planned for development.

Client area, dashboard

dashboard

Crypto payments widget


widgets

List of received payments

invoices>

Client cabinet, withdrawal request

withdrawals

Merchant API Keys

api-keys