Author

Topic: New Fast Bitcoin Exchange in the Netherlands (Read 6917 times)

legendary
Activity: 2506
Merit: 1010
November 03, 2013, 07:12:36 AM
#40
Malware gang steals $1.4m and sets up bitcoin exchange to launder it
http://www.coindesk.com/malware-gang-steals-1-4m-bitcoin-exchange-launder/
hero member
Activity: 537
Merit: 524

Personally I wouldn't trust my money or bitcoins to this company because it looks like a scam.

Unfotunately it seems like I was right and it is a scam. The website has been down for several days already and today the following news came out:
http://tweakers.net/nieuws/92170/politie-pakt-4-mannen-op-wegens-plunderen-bankrekeningen-via-malware.html (in Dutch). What it basically says is that 4 men were arrested on monday for using TorRAT banking-malware to plunder bank accounts through phishing and that one of the suspects was managing a btc exchange. Although FBTC is not mentioned specifically, one of the suspects comes from Woubrugge where also the company (Larmit beheer BV) managing FBTC is registered. That coupled with the fact that the site has been down for a few days.......
legendary
Activity: 1372
Merit: 1008
1davout
The Third party bank accounts have a monthly check by a register accountant (RA).

One party sets the transfers out of the system, and an other, (third) party checks the transfers and sends them out. So you always need two parties to authorize payments. One party is FBTC Exchange and the other is the registered account (RA).
So, if I read this correctly you're saying you can only send outbound transfers once every month ?


In holland it is called a "third party quality bank account"
If you could please give me the dutch term I'll will look it up, my written dutch is quite terrible but I can read it just fine.


Maybe it would be best if you read the legal aspects of such a bank account and you will see that the regulations are set by law.
Sure, like I said if you give me the dutch terms I'll look it up, my pleasure.


To get a "third party quality bank-account" in the Netherlands you need to registered it legal by a notary. (Do not know if this is possible in France)      
With the papers from the notary you can open a third party quality bank account and the bank provides you with the authorisation system.
Never heard of any such thing in France. On the other hand I have never heard of haring, paling, oliebollen and other dutch delicacies in France either.
If such is the way it works I assume that you have to be transparent in your ToS about it, so your customers know exactly know how their money is being handled. So far your transparency level is pretty much : "don't worry, I'm from the Internet". Anyway, that's an assumption, guess I'll make a more complete opinion about your setup when provided with something I can research against third-party sources.


What is there to enlighten... We work legal and according Dutch laws and regulations. The use of a PSP sets an extra possible security breach because criminals can hack into their systems, and how do you know if the system from your PSP is secure enough for your customers.
Sure, if you reason like this you might as well do your exchange with pen and paper. Duh.
Also PSPs have something that's called "insurance" which is there precisely to cover such risks, making the overall setup much much safer.


Can you enlighten me, maybe there is something that our security experts can help to tighten security at FBTC Exchange.
Well, I actually can give you two pieces of advice to your, ahem, "security experts" :

  • Don't use cloudflare, ever. Just because Bitstamp does it means it's a good thing.
  • Don't hash your passwords with SHA2, ever. If I ever hear anyone say the word "salt" I'll stab him in the face (protip: it doesn't solve shit).

Let's pause for a minute and use our brain jointly by starting with nr. 1 shall we ?

What is an SSL certificate for ? It's to prevent MITM attacks and eavesdropping. Ok, so far so good.
What does Cloudflare do ? It sits between you and the Internet, essentially being a massive MITM in itself, you even give them your SSL cert.

So, why the fuck would you want any Cloudflare employee to be able to sniff the passwords of your users as they travel through their servers ?

Gosh, what were you thinking ? "Bitstamp does it, must be cool!". Guess what, it's not.

Now for the second thing : do not hash passwords with SHA2, MD5, SHA3 or any such function, and salting doesn't help, at all. Let us take a minute to examine why this is, and has notoriously been for a while a terrible, terrible security practice.

What is SHA2 ? It is a hash function. What is it designed for ? It is designed for hashing arbitrarily large chunks of data to a fixed-size fingerprint. And it is heavily optimized to be *fast*. Yes, fast. That means that of all the hash functions, you picked one that actually *helps* the bruteforce process by being heavily performance optimized. Gosh, it's even massively parallelizable! As in "the whole Bitcoin system is based on efficiently bruteforcing the shit out of it".

Once you use your brain the correct solution becomes quite obvious, it is to use something that is designed to be *slow*, and to adapt its slowness to the performance of common computers.

So look up bcrypt, get your stuff straight, and come thank me after your first pwnage, because I'll have avoided a lot of password leakage.

But either way, don't bother to change the SHA2 thing unless you also drop cloudflare, because if you don't, your passwords are already pretty much travelling in cleartext over the wire.


So I'm interested in reading more about your setup. But I encourage you to do something about your glaring security flaws. When you're done with that maybe we can talk security, maybe.
sr. member
Activity: 448
Merit: 250
No longer satoshipoker.org - Can't change avatar
With the assistance of ING bank we can accept and transfer Euro and US dollar.  Our exchange handles trades in both currencies. We will add other currencies and transfer methods in the next 6 months.   

Be really careful. The statements of the Dutch government only apply to BTC2EUR and EUR2BTC transactions, as USD is highly regulated and controlled outside of Holland. Good luck with the site though Smiley
newbie
Activity: 29
Merit: 0
Hello Davout,

Quote
Quote
The bank accounts that are holding third party funds are legally set up for that purpose.
They are third-party bank accounts and are by law outside of the company. The Third party bank accounts have a monthly check by a register accountant (RA).

Ok, so does this particular kind of bank account have a name ?
Who exactly has authority to pull money from it ?

Quote
Quote
Its the same system as used by notaries in the Netherlands to held third party funds.
I understand. In the case of a notary he has an account and maintains an accounting system that is necessary to keep track of funds ownership. Obviously you have such a system too, otherwise you could not have a functioning exchange, my question is : "who has the authoritative accounting data ? Is it you ? Is it some third-party ?"
Quote
Quote
In the case something happens to the company a curator will be appointed by court and the curator will refund everybody's money that is on the bank account.
The funds for our operational costs are in an other, normal business bank account (at a different bank).
If a curator is needed to perform such a task it means that you're holding the funds directly and have full access to the bank account holding customer money. Is this correct ?

I do not know the exact legal terms they call it in other countries. In holland it is called a "third party quality bank account" It are accounts with a double or triple authority system. Non of the parties has direct authority to pull money. One party sets the transfers out of the system, and an other, (third) party checks the transfers and sends them out. So you always need two parties to authorize payments. One party is FBTC Exchange and the other is the registered account (RA).
If the company has trouble then a curator takes the place of FBTC Exchange and pays out the funds to the clients in the same way as explained above. The accountant can set the transfers and the curator sends them to the rightful owners.   

Maybe it would be best if you read the legal aspects of such a bank account and you will see that the regulations are set by law. 


Quote
Quote
The things you assume... lets talk about that.
I'm not really talking about assumptions, but about factual information that I learned over time while doing what I do, and which you seem to have some knowledge about. I'm doing you the professionnal courtesy of sharing some of it with you, make the best out of it. Next time I won't be the one asking the questions, next time you'll be sitting in front of a few not-so-funny people wearing not-so-creative suits.

Thanks for the heads up but we have investigated our legal business structure and regulations regarding the exchange thoroughly.

Quote
Quote
We legally do not need to have a payment service provider license or electronic money issuer license. We use the same bank-account structure for the same reasons as they do.
Let me pause for a minute here and re-read this. You are saying that because you use the same infrastructure you can ditch all the capital, reporting and compliance reporting requirements that a PSP has ? Maybe you could enlighten me regarding this particular point.

What is there to enlighten... We work legal and according Dutch laws and regulations. The use of a PSP sets an extra possible security breach because criminals can hack into their systems, and how do you know if the system from your PSP is secure enough for your customers.   

Quote
Quote
We have a good relationship with ING.
I'll interpret that as "we have a good relationship with our account manager". Might be wrong here though. It would seem extremely weird and unusual though that they open "the same bank-account structure" as a PSP for a regular corporate client that has no particular financial license whatsoever.


To get a "third party quality bank-account" in the Netherlands you need to registered it legal by a notary. (Do not know if this is possible in France)       
With the papers from the notary you can open a third party quality bank account and the bank provides you with the authorisation system.

Quote
Quote
I hope for you that you are soon finished rebuilding Bitcoin-central.
We actually are, we're wrapping up some details before relaunching though. If you actually come to get some experience in this field you'll very soon learn that there's where the devil is…

Lets hope you and your hosting service provider has taken actions to prevent what happened to Bitcoin central a few months ago. I looked at your site and i can not find anything about your security. Is there a reason that you do not state it on your website?  I think people would like to know what you have done to prevent it.
Can you enlighten me, maybe there is something that our security experts can help to tighten security at FBTC Exchange.

Quote
Quote
If we can help you in any way let me know.
It's a little presumptuous to assume you could run not only one, but also help with a second exchange business at the same time, don't you think ? But hey, smart people are always welcome!


Quote
I think we can support each other in building a reliable set of exchanges to provide all Bitcoin users the service they deserve.
Absolutely, that's why I'm more than happy to challenge you on important issues. It is quite important that we have reliable exchanges. And if you don't do your legal background work probably you're up for a lot of pain down the road, not at the beginning, but when you'll start actually picking up some business. Which will make it even harder to handle.

I know how to do Business, been doing it for many years already. Do not see any issues in this section.

Quote
Quote
Advanced bitcoin traders can earn more if they can quickly switch between multiple exchanges.

Like I said, the important thing is reliability, not gadgets for speculators. If we want half-baked corporate structures that'll fall at the first nod we already have Mark Karpeles for that. I strongly encourage you to document yourself about his problems with French banks in court, because right now, I kinda feel you're walking right in his footsteps.

I have no comment on this.


greetings peter

FBTC Exchange
legendary
Activity: 1372
Merit: 1008
1davout
Thank you for your answer!

Since you do not seem to mind, and that being transparent about your setup is generally perceived as a positive thing let us dig a little further, shall we?

Quote
The bank accounts that are holding third party funds are legally set up for that purpose.
They are third-party bank accounts and are by law outside of the company. The Third party bank accounts have a monthly check by a register accountant (RA).

Ok, so does this particular kind of bank account have a name ?
Who exactly has authority to pull money from it ?


Quote
Its the same system as used by notaries in the Netherlands to held third party funds.
I understand. In the case of a notary he has an account and maintains an accounting system that is necessary to keep track of funds ownership. Obviously you have such a system too, otherwise you could not have a functioning exchange, my question is : "who has the authoritative accounting data ? Is it you ? Is it some third-party ?"


Quote
In the case something happens to the company a curator will be appointed by court and the curator will refund everybody's money that is on the bank account.
The funds for our operational costs are in an other, normal business bank account (at a different bank).
If a curator is needed to perform such a task it means that you're holding the funds directly and have full access to the bank account holding customer money. Is this correct ?


Quote
The things you assume... lets talk about that.
I'm not really talking about assumptions, but about factual information that I learned over time while doing what I do, and which you seem to have some knowledge about. I'm doing you the professionnal courtesy of sharing some of it with you, make the best out of it. Next time I won't be the one asking the questions, next time you'll be sitting in front of a few not-so-funny people wearing not-so-creative suits.


Quote
We legally do not need to have a payment service provider license or electronic money issuer license. We use the same bank-account structure for the same reasons as they do.
Let me pause for a minute here and re-read this. You are saying that because you use the same infrastructure you can ditch all the capital, reporting and compliance reporting requirements that a PSP has ? Maybe you could enlighten me regarding this particular point.


Quote
We have a good relationship with ING.
I'll interpret that as "we have a good relationship with our account manager". Might be wrong here though. It would seem extremely weird and unusual though that they open "the same bank-account structure" as a PSP for a regular corporate client that has no particular financial license whatsoever.


Quote
I hope for you that you are soon finished rebuilding Bitcoin-central.
We actually are, we're wrapping up some details before relaunching though. If you actually come to get some experience in this field you'll very soon learn that there's where the devil is…


Quote
If we can help you in any way let me know.
It's a little presumptuous to assume you could run not only one, but also help with a second exchange business at the same time, don't you think ? But hey, smart people are always welcome!


Quote
I think we can support each other in building a reliable set of exchanges to provide all Bitcoin users the service they deserve.
Absolutely, that's why I'm more than happy to challenge you on important issues. It is quite important that we have reliable exchanges. And if you don't do your legal background work probably you're up for a lot of pain down the road, not at the beginning, but when you'll start actually picking up some business. Which will make it even harder to handle.


Quote
Advanced bitcoin traders can earn more if they can quickly switch between multiple exchanges.

Like I said, the important thing is reliability, not gadgets for speculators. If we want half-baked corporate structures that'll fall at the first nod we already have Mark Karpeles for that. I strongly encourage you to document yourself about his problems with French banks in court, because right now, I kinda feel you're walking right in his footsteps.


Looking forward to your answers !
newbie
Activity: 29
Merit: 0
Hello Davout,

Its no problem for me to let you know how we are legally setup. As i stated earlier we are building a solid and trustworthy exchange.

The bank accounts that are holding third party funds are legally set up for that purpose.
They are third-party bank accounts and are by law outside of the company. The Third party bank accounts have a monthly check by a register accountant (RA).

Its the same system as used by notaries in the Netherlands to held third party funds. (For example if you buy a house and you send money to the notary it is held in a similar bank account)
So by law, third party bank account can not be compromised if something happens to the company.

In the case something happens to the company a curator will be appointed by court and the curator will refund everybody's money that is on the bank account.
The funds for our operational costs are in an other, normal business bank account (at a different bank).

The things you assume... lets talk about that.

We legally do not need to have a payment service provider license or electronic money issuer license. We use the same bank-account structure for the same reasons as they do.
We have a good relationship with ING. We have discussed all aspects of the operational side of the exchange with ING. the security issues in money transfers, speed of transfers abroad, criminal attacks, etc etc. ING has extensive safety nets and in case of a breach of the bank-accounts ING will refund everything.

You can read that we know exactly what we are doing. Wink 

I hope for you that you are soon finished rebuilding Bitcoin-central. If we can help you in any way let me know.
I think we can support each other in building a reliable set of exchanges to provide all Bitcoin users the service they deserve. Advanced bitcoin traders can earn more if they can quickly switch between multiple exchanges.   

Fast and reliable services are needed to get Bitcoin generally accepted and increase the value of Bitcoin.

greetings Peter

FBTC Exchange
legendary
Activity: 1372
Merit: 1008
1davout

Let me just re-state my question if you do not mind. (You don't mind, do you?)

How are you legally set up ?

If you did your homework correctly you should know that holding funds on behalf of third-parties on a plain corporate account is not only dangerous for a lot of reasons but also illegal.

So, I assume you either have a payment service provider license, an electronic money issuer license, an actual partnership deal with ING (which I'm a little doubtful about) or that you don't know what you're doing.

Care to enlighten me ?

(And sorry, I meant to post this in the dutch thread, but my written dutch is terrible)
legendary
Activity: 1372
Merit: 1008
1davout
The answer is : "they use another program than Google Authenticator, the same way they can use Firefox instead of Chrome".
   Thanks! That didn't hurt, did it?

Spell it out for a noob, that's how he'll thank you... Should've let you educate yourself.
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
The answer is : "they use another program than Google Authenticator, the same way they can use Firefox instead of Chrome".
   Thanks! That didn't hurt, did it?
legendary
Activity: 1372
Merit: 1008
1davout
My browser is called firefox.
Je ne comprends pas vos allusions. Si vous avez une réponse à ma question "What if people dont want to use a googl service because they dont want their data to be secretly collected and used by googl for dubious purposes?" expliquez-vous clairement.

The answer is : "they use another program than Google Authenticator, the same way they can use Firefox instead of Chrome".
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
My browser is called firefox.
Je ne comprends pas vos allusions. Si vous avez une réponse à ma question "What if people dont want to use a googl service because they dont want their data to be secretly collected and used by googl for dubious purposes?" expliquez-vous clairement.
legendary
Activity: 1372
Merit: 1008
1davout
So why is it called "Google authenticator"?

Why is your browser called Google Chrome? Derp.
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
What if people dont want to use a googl service because they dont want their data to be secretly collected and used by googl for dubious purposes?
It's an open standard that's in no way specific to Google.
So why is it called "Google authenticator"?
legendary
Activity: 1372
Merit: 1008
1davout
What if people dont want to use a googl service because they dont want their data to be secretly collected and used by googl for dubious purposes?

It's an open standard that's in no way specific to Google.
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
Quote
Two-way authentication:

To protect your account if your username and password are stolen, we have a two-way authentication into the system using Google authenticator.
What if people dont want to use a googl service because they dont want their data to be secretly collected and used by googl for dubious purposes?
legendary
Activity: 1372
Merit: 1008
1davout
How are you legally set up ?

If you did your homework correctly you should know that holding funds on behalf of third-parties on a plain corporate account is not only dangerous for a lot of reasons but also illegal.

So, I assume you either have a payment service provider license, an electronic money issuer license, an actual partnership deal with ING (which I'm a little doubtful about) or that you don't know what you're doing.

Care to enlighten me ?

(And sorry, I meant to post this in the dutch thread, but my written dutch is terrible)
newbie
Activity: 29
Merit: 0
We have taken all replies in consideration and to increase the safety of our platform we have implemented some additional security measures.
you can now trade 100% safe at FBTC Exchange. You can use the new security measurements if you wish to.

We have an US dollar bank account special for users outside of Europe. Funding of your account through bank transfer will take 4 days due to the process at the local bank of your country.
ING bank have stated to us that all transfers to our US dollar account will be processed immediately. This applies to transfers in and out of our bank account.

If you have a validated account we can do a speed transfer to your account. This transfer is processed at ING the same day. Depending on the speed of your local bank it can be in your bank account the next day.

I will list the security measurements.


Incoming bank transfers:

To transfer funds from your local bank to your account you need to generate a unique transaction code. The combination of your bank account and the transaction code will provide a valid transfer to your account.
With the security measures of incoming transfers and the limit of USD 750,00 per day we reduce the risk to a level that we can absorb.
Transfers with an invalid code or from an unknown bank account will be automatically refunded to the bank account.

We get questions if the same thing that is happend to Bitcoin24 can happen at FBTC Exchange. Bitcoin24 had no validation of incoming transfers. So invalid or fraudulent transfers are changed for Bitoins and taken out of Bitcoin24.
When the bank requested refunds from Bitcoin24 they could not pay the money back.


Two-way authentication:

To protect your account if your username and password are stolen, we have a two-way authentication into the system using Google authenticator.
After activating the Google authenticator you must enter an extra validation for login, sending Bitcoins out of the account and make withdrawal orders out of your account.


Lock of Bitcoin send Addresses:

To add security to your account you can lock a maximum of five Bitcoin addresses. After you lock your addresses you can only send Bitcoins to the specified addresses.
To unlock and change the addresses you have locked you must send a support ticket.
We will ask you for additional verification to release your bitcoin send addresses. (This is not a complete validation of your account.)


Lock of connected bank accounts:

For safety reasons you can lock your connected bank accounts. After the lock of your connected bank accounts you can only make withdrawals to the specified bank accounts.
Once your bank accounts are locked and you want them released you can send us a support ticket.
We will ask you for additional verification to release your bank accounts. (This is not a complete validation of your account.)
 
FBTC Exchange is committed to maximize security. With these additional security measures taken, you are assured that no one can take away your Bitcoins or funds.

greeting,

Peter FBTC Exchange
sr. member
Activity: 364
Merit: 250
Love to hear new BTC exchange/.
newbie
Activity: 14
Merit: 0
Hello Stelmoi,

The Compagny is registered on the location in Woubrugge. But we rent a office in Amsterdam and we have an office in haarlem.

In the near future we will move with all locations to one office.


You are getting off to a very rough start.   It is not good to see someone from the company trying to obfuscate things and claim that they don't have to put KVK number on their web site.  Glad you came around finally, even if only after having others rub your nose in the dutch law, and have now put the KVK number on the website.   

But good luck anyways, if you survive this launch you might have a chance Wink
legendary
Activity: 2128
Merit: 1002
Would be nice if a phone number is added : https://fbtcexchange.com/contact
Newbies stumbling on Bitcoins like to talk to people for guidance.
legendary
Activity: 2128
Merit: 1002
Great news. We need more exchanges.
for this reason I would like the concept of binding a bank account to a account to be a 1 time event. You add your bank account for withdrawal purposes at account creation time, and thats it, its unchangeable.

http://www.miicard.com/ does that. I was talking to their Sales Manager last month.
They have offices in UK and US.
PM me if you need an intro.

newbie
Activity: 29
Merit: 0
Hello Stelmoi,

The Compagny is registered on the location in Woubrugge. But we rent a office in Amsterdam and we have an office in haarlem.

In the near future we will move with all locations to one office.


newbie
Activity: 14
Merit: 0
it is not necessary to announce your chamber of commerce number. but for everyone who wants to know just search for "FBTC" in http://www.kvk.nl

It may or may not be "necessary", but it sure is good business practice.  (EDIT:  after reading the dutch thread, it seems it IS necessary according to Dutch law to give your KVK number in all company communications.)   

I did a search on kvk.nl Handelsregister for "FBTC", and only a company in Woubrugge, NL came up.  But your site has contact as Contactweg 131, 1014BJ, Amsterdam, NL.    

Where are you located? Do you have multiple office locations?  What is your KVK registration number?  Do you have multiple KVK registrations?

newbie
Activity: 29
Merit: 0
hello Addams,

That is correct. you can add multiple bank accounts. Then you can choose to witch bank account you want to withdraw your funds.

you do not need to change it. Just add additional bank accounts.


greetings Peter 
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
Thanks for the informations.
If I had to change my bank account on and off, as I understand, you will ask for account verification but not for ID validation?
newbie
Activity: 29
Merit: 0
Hello Addams

A verification-free account has the standard limits of EUR 500 in the account and EUR 2000 out of the account per day.
An abnormality is if the user changes his/her bank account before a withdrawal order is made.
We will then ask the user to verify if the change of the bank-account is legit. This is only to prevent unauthorized withdrawals out of the account.
no validation is needed in this case. That verification is not a complete validation of users credentials.

We can not disclose the verification methods that we use in this cases. People with bad intentions can then take advantage of this.
The money in the account always belongs to the account holder so we want to secure it at all times and pay it to the rightful owner of the account.   

So if there is no change of the connected bankaccount, there is no abnormality and you can withdraw EUR 2000 per day without additional verification.
 

Hope i answered your question. if you have other questions feel free to ask them and i will answer them.

greetings peter

 
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
If there are more questions or remarks i will answer them in the correct mather.
Please take a stand on the mentioned issue:
In case of a change of bank-account we will ask for verification of the account before we proceed transferring funds to the bank-account. Next to that we have a four-eye system on all outgoing transactions. When there is an abnormality we will contact the account holder to verify.
The downside that keeps me from registering now is that everybody is invited to open a verification-free account, but at the first abnormality, the user/trader is forced to verify his acc or he will not be able to withdraw his money anymore. What will you do with his money in this case?
hero member
Activity: 537
Merit: 524
In the dutch thread Peter responded professionally which makes it look less likely to be a scam but as also said there by another user he should talk to his lawyer (or fire him) because companies are required to mention there chamber of commerce number in all correspondence including websites. Furthermore the offical name of the privacy law in dutch english is 'Dutch data protection act' (source: http://www.dutchdpa.nl/pages/en_ind_wetten_wbp.aspx) not something you think sounds better.

Peter, as I said in the dutch thread I like your idea and would like it to succeed but transparency about who you and your company are is vital when you want to gain the trust of people if they are to trust you with their money and bitcoins (hence my initial reaction to your announcement).
donator
Activity: 406
Merit: 252
Study the past, if you would divine the future.
im happy to see new exchanges popping up all over the world, keep up the good work! Smiley
newbie
Activity: 29
Merit: 0
Like i responded in the dutch section of this forum. i will reply to the questions and remarks.
We are currently still working to process all requests and improvements to the site so i will reply daily but not always immediately.

it is not necessary to announce your chamber of commerce number. but for everyone who wants to know just search for "FBTC" in http://www.kvk.nl

I rent an office in an office center where denit.nl is also located (next to other compagnies). Do not see why that is abnormal.

The only english in the dutch section is the explanation of bitcoin in the FAQ section and the legal terms. The text in the FAQ is very clear  and i did not want to make it worse by translating it.
That some of the dutch language is iffy... i cannot command on that. We try to be direct and transparent without long statements.   

The terminology in the terms of use where GWS24 referred to is  "Wet bescherming persoonsgegevens" or "Personal Data Protection Act" like google translates it.
What does "personal data protection act" say? That i personal protect your data.... In fact there is, like GWS24 stated, a law in the netherlands to protect personal data.
We have consulted our lawyer about this and therefore we choose to use the fraise "Federal Data Protection Act".   Just to point out that not we, but our government regulates the protection of personal data. We only comply to that law.

I can not change the fast opinion of GWS24 based on some loose remarks.  We are a legit business trying to build up and trying to urn your trust, now and in the future.

Answer of the post by Pankkake: Our password requirements are there to protect your account. if you have problems with  signing up, i will gladly give you some explaining. The other new users today did not have any problems with signing up.

If there are more questions or remarks i will answer them in the correct mather.



     
hero member
Activity: 537
Merit: 524
Ok, there is also a thread in the dutch subforum started by peter about this and there are some questions for this new exchange:

- there is no chamber of commerce number (or in dutch 'kamer van koophandel') on the site which we can check. (every company in the netherlands is required to have one)
- If you search the contact address you get a hosting provider: denit.nl
- Part of the dutch version is in english and some of the dutch is iffy
- In the terms of use under privacy they speak of the Federal Data Protection Act (no dutch version for the terms of use). There is no law in the netherlands that is called that and we don't have a federal government; just a government. The law they are looking for is 'Wet bescherming persoonsgegevens' which loosely translates to 'Law for the protection of personal data'.

Personally I wouldn't trust my money or bitcoins to this company because it looks like a scam.

legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
In case of a change of bank-account we will ask for verification of the account before we proceed transferring funds to the bank-account.
Next to that we have a four-eye system on all outgoing transactions. When there is an abnormality we will contact the account holder to verify.
The downside that keeps me from registering now is that everybody is invited to open a verification-free account, but at the first abnormality, the user/trader is forced to verify his acc or he will not be able to withdraw his money anymore.
What will you do with his money in this case?
newbie
Activity: 29
Merit: 0

Two-factor authentication will be supported in a few days. Then every transaction and change of your accounts will be in the two-factor authentication.
We have taken extensive precautions to prevent what happend to Bitcoin24 and Bitcoin-central.

It is part of our security that we can't tell you exactly how our security works to keep your Bitcoins safe.
We have many security audits on our system and our hot-wallet is empty most of the time.
The Bitcoins in the hot-wallet are guaranteed during a transaction.

GPB will be supported in a few weeks. for now we start with EUR and USD.

In case of a change of bank-account we will ask for verification of the account before we proceed transferring funds to the bank-account.
Next to that we have a four-eye system on all outgoing transactions. When there is an abnormality we will contact the account holder to verify.


sr. member
Activity: 286
Merit: 251
Great news. We need more exchanges.

So I am a little worried about people stealing my cash on exchanges, for this reason I would like the concept of binding a bank account to a account to be a 1 time event. You add your bank account for withdrawal purposes at account creation time, and thats it, its unchangeable.

Did I say unchangeable, well , ok its a SLOW event, that takes many days and involves email or sms notifications. or other security.

I'd like the adding of a bitcoin address to be similarly immutable. You can add a bunch of them, they get used in rotation, but once added you cannot add more, or maybe over a few days.

So your account is hacked, what can they do. Withdraw your money to your accounts, or trade your money, thats all.

I want to be able to choose the password I use - none of this oh it must be upper / lower case and contain an underscore business, remembering passwords is hard and resetting them ought to be hard, and I need to
freely choose the password or I cannot remember it.  Warnings about too short are fine and should preferably be grounded in terms of it would take X hours of computer Y to crack that!!

I'd like 2 factor confirmation of any withdrawal, via my email, send me a pin!

Good luck with your venture.
member
Activity: 116
Merit: 10
will you support GBP? Smiley
newbie
Activity: 27
Merit: 0
Happy to see a Dutch initiative but before I send you any of my hard earned cash I need to see yubikey- and google authenticator support. Also, boasting that "Kosten noch moeite zijn gespaard om ervoor te zorgen dat uw Bitcoins veilig zijn" doesn't tell me much if you don't explain what exactly you do to keep our funds safe. Convince me.
Otherwise it looks very promising. Keep up the good work.

EDIT: Nevermind the remark about the security. Found the page: https://fbtcexchange.com/safe
legendary
Activity: 1014
Merit: 1003
VIS ET LIBERTAS
Good to see a new exchange, but how will you avoid to get into the same troubles as bitcoin-24 or bitc-central?
member
Activity: 63
Merit: 10
Will Two-Factor Authentication be supported?
Thanks,
newbie
Activity: 29
Merit: 0
Hello Bitcoin users,

We have trade at mtgox for sometime and we encountered the problem that transfers in and out of mtgox takes long to process. 

For this reason we have built a brand new Bitcoin exchange and start operating in the Netherlands under the Dutch financial regulations. We have build in advanced security systems to guarantee safety at all times, for all users.

Our trading-engine trades in real-time (no lag) so margin trading is possible.
We have an intensive relation with ING bank in the netherlands to speed up transfers in and out of the exchange.
With the assistance of ING bank we can accept and transfer Euro and US dollar.  Our exchange handles trades in both currencies. We will add other currencies and transfer methods in the next 6 months.   

We would like to have some trails running and would like feedback to improve the exchange to your needs. The trial period will take until 31 july 2013. In the trial period we will use a trade fee of 0% so you can try the exchange for free. In august we will start operating at a trade fee of 0.45%.   

If you want to help us to create an exchange that works for you, please create an account and test it. We would like you to put your suggestions, remarks and wishes in our ticket system,  You can find it on the contact page or you send an email to [email protected]

Help us so we can help you.

You can find the exchange at https://fbtcexchange.com

With kind regards,

FBTC Exchange
Jump to: