Compliance - Dysaky

Our Compliance Framework

Security Certifications

Dysaky hardware wallets undergo rigorous security testing and certification processes to ensure they meet the highest standards in the industry:

Common Criteria EAL6+: Our secure element chips are certified to Common Criteria EAL6+, providing high assurance that security functions work as claimed.
FIPS 140-2 Level 3: Our cryptographic modules comply with Federal Information Processing Standards for secure design and implementation.
ISO/IEC 27001: Our information security management systems are certified to ensure systematic management of sensitive information.
Penetration Testing: Regular third-party security audits and penetration testing by leading security research firms.

Regulatory Compliance

We maintain strict compliance with relevant regulations governing hardware security devices and cryptocurrency-related products:

FCC Certification: Our devices comply with Federal Communications Commission requirements for electronic equipment.
CE Marking: Products meet all European Economic Area health, safety, and environmental protection standards.
RoHS Compliance: All hardware components comply with the Restriction of Hazardous Substances Directive.
GDPR Compliance: Our data handling practices comply with the General Data Protection Regulation for users in the European Union.
CCPA Compliance: We adhere to the California Consumer Privacy Act requirements for California residents.

Anti-Money Laundering (AML) Policy

While Dysaky is primarily a hardware manufacturer and not a financial institution or cryptocurrency exchange, we are committed to preventing the use of our products for illicit purposes:

We implement risk-based Know Your Customer (KYC) procedures for large-volume orders.
We maintain records of sales and shipping information in accordance with applicable laws.
We cooperate with law enforcement agencies when legally required to do so.
We provide educational materials to users about responsible cryptocurrency ownership and legal compliance.
We train our staff to identify potentially suspicious transactions and escalate concerns appropriately.

Important Note: Dysaky produces hardware wallets designed for safe offline cryptocurrency storage. We do not offer custodial services, cryptocurrency exchanges, or any services that would classify us as a money services business under FinCEN regulations.

Supply Chain Security

We implement comprehensive supply chain security measures to ensure the integrity of our products from manufacturing to delivery:

Secure Manufacturing

Trusted manufacturing partners with proven security track records
Strict access controls at production facilities
Component verification and testing before assembly
Security surveillance throughout the production process

Secure Distribution

Tamper-evident packaging and security seals
Secure storage facilities with controlled access
Trusted shipping partners with tracking capabilities
Verification procedures at each transfer point

Authenticity Verification

Unique device identifiers and authentication certificates
Online verification portal for customers
Automatic authenticity checks during device initialization
Cryptographic signature verification of firmware

Open Source Commitment

We believe in transparency as a fundamental security principle. Our commitment to open source includes:

Publicly available source code for our firmware and software applications
Regular third-party security audits with published results
Bug bounty program to encourage responsible disclosure of security vulnerabilities
Active engagement with the security research community
Detailed technical documentation of security implementations

Our open source repositories are available at github.com/Dysaky, where security researchers and users can review our code, report issues, and contribute improvements.

Industry Partnerships and Standards

Dysaky actively participates in industry initiatives to advance security standards for cryptocurrency hardware:

Membership in Industry Organizations

Cryptocurrency Open Standard Protocols (COSP)
Hardware Security Alliance (HSA)
Global Digital Asset Protection Consortium (GDAPC)
International Association for Cryptologic Research (IACR)
Cloud Security Alliance (CSA) Blockchain Working Group

Standards Compliance

BIP32, BIP39, BIP44 and other Bitcoin Improvement Proposals
EIP standards for Ethereum compatibility
WebAuthn/FIDO2 standards for authentication
ISO/IEC 27034 for application security
NIST Cryptographic Module Validation Program guidelines

Our Certification Process

Each Dysaky product undergoes a comprehensive certification process before release. This multi-stage approach ensures that every device meets our strict security and quality standards:

Design Certification: Security architecture review and threat modeling by independent security experts.
Component Validation: Verification of all hardware components, with particular focus on secure elements and cryptographic chips.
Firmware Audit: Complete code review and security analysis of device firmware by third-party security researchers.
Penetration Testing: Comprehensive attacks against the device to identify potential vulnerabilities before they can be exploited.
Compliance Verification: Testing against relevant regulatory and industry standards to ensure full compliance.
Production Validation: Quality assurance testing of production units to verify consistency and security across manufactured devices.

This rigorous process is repeated for each new product and major firmware update, ensuring continuous compliance with evolving security standards and best practices.

Compliance & Standards