Security

OldWest operates on isolated virtual machine infrastructure. Each user session runs in a dedicated virtual environment with no cross-session access. All virtual machines are encrypted at rest and in transit. Infrastructure is regularly audited and updated.

Account creation requires phone number verification. This establishes a single, verifiable identity tied to all platform activity. Phone numbers are encrypted and used solely for verification and account recovery. We do not share phone numbers with third parties.

All user data is encrypted using industry-standard encryption. Session data is stored in isolated virtual environments. Usage logs are encrypted and access-controlled. Data is retained only as necessary for settlement and audit requirements.

Platform access requires authenticated sessions. All API endpoints require authentication. Administrative access is restricted and logged. Users can view all access logs for their accounts through the dashboard.

Security incidents are responded to within 24 hours. Affected users are notified immediately. All incidents are logged and reviewed. Security improvements are implemented based on incident analysis and industry best practices.

Report security vulnerabilities through your account dashboard or via the security contact listed in platform documentation. We appreciate responsible disclosure and will acknowledge valid reports.