Account Security

Infrastructure Encryption

Biya Capital employs 256-bit SSL/TLS encryption across all client-facing interfaces and internal data pathways. This is the same encryption standard mandated by leading global financial institutions. All personally identifiable information, authentication credentials, and transaction data are encrypted both in transit and at rest.

Multi-Factor Authentication

The platform supports time-based one-time password (TOTP) two-factor authentication. When enabled, account login requires both a password and a dynamically generated verification code, significantly reducing the risk of unauthorized access — even if login credentials are compromised.

Segregated Custody

Client securities and cash balances are maintained at qualified third-party custodian institutions in fully segregated accounts. This structural separation ensures that client assets remain legally distinct from the firm's own capital at all times.

Real-Time Monitoring

Automated systems continuously monitor account activity for anomalous patterns such as login attempts from unrecognized devices, unusual geographic locations, or atypical transaction behavior. Users are notified in real time when security-relevant events are detected.

Data Privacy

Biya Capital adheres to applicable data protection regulations. Personal information is not sold to, shared with, or made available to third parties for commercial marketing purposes. Users retain control over their account data and may request information reviews through support channels at any time.