Is The Assetz Capital Login Secure?

By Security on 30th July, 2021 | Read more by this author

The Assetz Capital login page is one of the key focal points for security risks on its website. We have assessed this page – as well as the entire website – for its cybersecurity.

Most websites now earn the “secure” symbol next to the website address in your browser window, but this is far cry from being definitive. Let's see how safe and secure the Assetz Capital login and website is.

Assetz Capital's cybersecurity ratings

The website's three servers that point at the sign-in page and the registered investor area of Assetz Capital's website are A-rated by SSL Labs. The two servers pointing at the public part of the website have the grade of A+.

The difference between A+ and A is that the A+ servers don't allow browsers to downgrade the website to a less secure http version from the better https version. Even so, users of Assetz Capital's registered investor area will not be able to sign in on http only, once they try to complete the sign-in form. And Assetz Capital automatically directs users to a secure version of its site. So the difference is not noticeable.

Security certificate

The security certificate validates the authenticity of Assetz Capital's website and is a tool for encrypting information going from Assetz to your browser and back again. For example, when you supply personal data.

Assetz Capital's website security certificate is valid. It is certified by an established, globally recognised certificate authority. Its security key is strong.

Malware, security bugs and vulnerabilities

Malware is a malicious program that tries to break websites or get inside them.

The Assetz Capital website doesn't appear to have malware or server errors that could be exploited by it. 4thWay's security provider Sucuri marks it as clean in a soft probe. Google Sage Browsing, McAfee, PhishTank, Opera and Yandex also mark it as clean.

The website is not vulnerable to the Heartbleed and Ticketbleed threats, which would allow people to easily steal information.

ROBOT, BEAST and POODLE – which are some severe security weaknesses  – can't be exploited on the Assetz Capital website.

Encryption and ciphers

There is no obviously poor encryption and there are no clearly weak ciphers, such as RC4, which would result in a large number of different vulnerabilities.

Qualys reports that Assetz Capital uses TLS 1.3, which is the latest standard in encrypting communications between your browser and Assetz's servers.

To earn an A or A+ security rating, instead of a B grade, Assetz Capital has to be using a cipher suite – programming rules to secure the server – that have no known possible weaknesses. This includes such things as forward secrecy, which prevents a hacker getting hold of historical exchanges if it manages to get hold of a private security key.


The website is not blacklisted by any anti-spam groups, such as McAfee or Norton Safe Web.

Firewalls, monitoring and independent checks

Amazon uses Amazon Web Services security measures, including the AWS firewall. A firewall is an important defence against hackers.

Assetz Capital has internal monitoring of its website and other systems, and it uses Mimecast to monitor for external threats.

Furthermore, an independent auditor reviews Assetz Capital's infrastructure security every year.

Website technology

As far as can be ascertained, Assetz Capital's website technology is up-to-date.

Is your Assetz Capital login safe?

Assetz Capital's website performs very well compared to other P2P lending companies and, indeed, to most websites that process personal information, financial information or financial transactions.

What you must do for your security?

You should absolutely set up two-factor authentication, which is when you confirm your identity through your phone as well as through a password.

The length of your password is the most important aspect by far. The person who initially came up with the idea of shorter passwords with numbers, lower case, capitals and special characters recently admitted it was a waste of time and not secure.

A 16-character password, even one simply made up of a few memorable words strung together, like “donthackmeplease”, is extremely high security, while eight is definitely too short – regardless of what it is.

Visit Assetz Capital or read the Assetz Capital Review.

Independent opinion: 4thWay will help you to identify your options and narrow down your choices. We suggest what you could do, but we won't tell you what to do or where to lend; the decision is yours. We are responsible for the accuracy and quality of the information we provide, but not for any decision you make based on it. The material is for general information and education purposes only.

We are not financial, legal or tax advisors, which means that we don't offer advice or recommendations based on your circumstances and goals.

The opinions expressed are those of the author(s) and not held by 4thWay. 4thWay is not regulated by ESMA or the FCA. All the specialists and researchers who conduct research and write articles for 4thWay are subject to 4thWay's Editorial Code of Practice. For more, please see 4thWay's terms and conditions.

Our service is free to you. We don't receive commission from the above-mentioned companies. We receive compensation from some other P2P lending companies when you click through from our website and open accounts with them. This doesn't affect our editorial independence. Read How we earn money fairly with your help.

Copyright BFGSL Ltd and 4thWay® 2014-2024. This peer-to-peer lending/IFISA comparison and ratings website is based on high-quality research, which requires investment. Please share content from our website by linking to it and not by copying it. See our T&Cs and Copyright Policy for more details and to buy additional rights. Acknowledge your sources.