Why no Two-Factor Authentication?

That’s literally impossible.

If you deposit $10,000 via card 1234, and later on you deposit $1 using card 6789 (presumably the fake one), then we will not refund $10,000 towards card 6789. Its a standard AML precaution.

Neither someone can remove that easily the card 1234 from our system - we’ll need a document issued by your bank, which confirms that the card has expired/stolen/etc.

Moreover, an email confirmation is sent upon withdrawal. So you’ll be notified additionally. And if someone decides to change your account email, then that person will have to provide us with an ID document + selfie (that way we verify that the account owner is the one contacting us).

Nonetheless, the 2FA is just around the corner - we don’t underestimate its importance. Yes, it took longer than the expected ETA, but in the meantime we also had to focus on other new features & planned improvements.