Skip to main content
MixPay
Sign in

Security & custody

Two custody modes. One standard of care.

Some merchants want funds settling straight into a Mixin Wallet they alone hold the keys to. Others want MixPay to hold the balance and sweep on request. We run both — and the security posture is the same either way.

Pick your custody model

Non-custodial or managed — chosen at signup.

Each MixPay merchant account is provisioned as one custody type during onboarding. The choice is permanent for that account. If your posture changes, open a separate account under the other model.

Non-custodial

Direct-to-wallet settlement

Customer payment clears on-chain, auto-converts to your chosen stablecoin, and settles into the Mixin Wallet you register at signup — a decentralized wallet where you alone hold the keys.

  • You hold the keys to your Mixin Wallet — MixPay never custodies funds
  • No counterparty risk on MixPay's balance sheet
  • Every transaction reconcilable on a block explorer
Learn about Mixin Wallet

Best for teams comfortable holding their own keys

Managed custody

MixPay Account (hold + sweep)

Payments settle into a MixPay-held balance you manage from the dashboard. Withdraw anytime to any on-chain wallet, or to a CEX deposit address (Binance, OKX, Gate, KuCoin, and more) — no time or amount limits.

  • No wallet infrastructure needed on your side
  • Consolidated reporting across every chain and coin
  • Withdraw on demand to on-chain wallets or CEX deposit addresses

Best for merchants without an in-house crypto operations team

Custody type is locked to the account. Teams running both models (e.g. platform take-rate in managed, sub-merchant payouts non-custodial) typically provision two separate merchant accounts — the same API semantics serve both.

Common controls

Applied to every transaction, custodial or not.

KYT monitoring

Every payment is screened for sanctions hits, mixer exposure, and darknet source funds. High-risk transactions are auto-flagged before settlement.

US MSB registered

Registered Money Services Business (MSB) with the U.S. Financial Crimes Enforcement Network (FinCEN). MSB Registration Number 31000324870543 — verifiable at fincen.gov/msb-registrant-search.

Audit trail on every event

Payment request, confirmation, settlement, and withdrawal — each emits a tamper-evident log tied to the originating merchant account.

Infrastructure controls

TLS 1.3 in transit, AES-256 at rest for managed balances, rate-limited API endpoints per merchant.

Which mode should you choose?

Three recurring patterns from the merchants we onboard.

  • Crypto-native team, mixed revenue Non-custodial. Register a Mixin Wallet you alone hold the keys to; MixPay routes the right coin and chain straight into it — no new custodian on your stack, no MixPay balance to reconcile.

  • Traditional e-commerce, one-person finance team Managed custody. Let MixPay aggregate inbound crypto, auto-convert to USDC/USDT, and sweep on your schedule to a CEX deposit address (Binance, OKX, Gate, KuCoin) where your finance team already cashes out.

  • Platform with sub-merchants (marketplaces, SaaS) Open two accounts. One managed — holds your platform take-rate for centralised reporting. One non-custodial — routes sub-merchant payouts straight into a Mixin Wallet each sub-merchant holds the keys to.

Talk to us about your custody model.

A 15-minute call covers both modes, the compliance overlay, and what you'd need to integrate.

Book a 15-minute call