Bitgo adds five-layer checks to curb pre-execution crypto fraud
Bitgo on April 30 introduced a five-layer transaction security model-intent, device, identity, behavior and policy-to detect and block pre-execution manipulation such as deepfakes and API spoofing.
Bitgo Holdings Inc. (NYSE: BTGO) on April 30 introduced a five-layer transaction security model for institutional customers that adds checks across intent, device, identity, behavior and policy to detect and block manipulation before transactions are executed.
The intent layer uses real-time API attestations to match transaction details with the user approval recorded at the time of intent, ensuring a signer sees the same request that was approved. The device layer verifies the signing environment through Bitgo’s Verify app, which performs biometric checks, device attestation and app integrity validation.
Identity controls include hardware-bound authentication, session binding and on-demand video identification to confirm the actor initiating or approving a transaction. The behavior layer monitors withdrawals in real time and can flag activity tied to address poisoning, sudden changes in withdrawal destinations or other patterns that may indicate account takeover or address substitution before assets leave custody.
A Policy Engine lets firms require extra approvals for large transfers, restrict withdrawals to pre-approved addresses and impose velocity limits that operate independently of cryptographic signatures. Because these checks run alongside key-based signing, a transfer that is valid at the signing level can still be blocked if it violates firm rules or behavioral detections.
In its release, Bitgo wrote that the design targets manipulation methods such as deepfakes, API spoofing, address manipulation and social engineering that can occur before a transaction is signed or settled.
The company framed the controls as additions to its existing custody and infrastructure services, which include regulated cold storage, wallets, staking, trading, financing, stablecoin operations and settlement. Bitgo did not disclose pricing or a full rollout schedule for all features.
The model will be available to institutional customers through Bitgo’s custody and transaction services. Institutions can configure policy rules to match internal workflows, require multi-party approvals for high-value transfers, enforce address whitelists and set throughput caps to limit rapid or large withdrawals.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.
Articles by this author
