Destination address verification is an important control before submitting or approving any withdrawal or transfer from BE Custody.
Even where address book entries, approval workflows, and quorum controls are used, users should still verify that the destination address, asset, network, and recipient match the intended instruction.
Why address verification matters
Blockchain transactions are generally irreversible once confirmed.
If assets are sent to the wrong address, wrong network, unsupported destination, or unintended recipient, recovery may not be possible. Address verification helps reduce the risk of operational error, address poisoning, social engineering, and unauthorised asset movement.
What should I verify?
Before submitting or approving a transaction, check:
- The destination address
- The asset
- The network
- The intended recipient
- The amount
- The wallet or sub-wallet being used
- Any address book entry, label, or saved destination
- Any internal ticket, instruction, or approval record
- Whether the request is expected and consistent with normal activity
Do not approve or submit a transaction if any detail is unclear, unexpected, or inconsistent.
Do not rely on address labels alone
Address labels and address book entries can help reduce manual entry errors, but they should not replace review of the underlying address and network.
Before using a saved destination, check that:
- The label matches the intended recipient
- The underlying address is correct
- The selected network is correct
- The address is still approved for use
- The transaction matches the relevant internal instruction
Be aware of address poisoning
Address poisoning is a tactic where an attacker attempts to make a malicious address appear in a user’s transaction history or workflow by using an address that looks similar to a legitimate one.
Users should not rely only on the first and last characters of an address. Where possible, follow the organisation’s approved address verification process and compare the full address against a trusted source.
Use approved verification channels
Destination addresses should be verified using your organisation’s approved process.
This may include:
- Checking an approved internal record
- Confirming the address through a trusted system of record
- Using an approved address book process
- Verifying the address with an authorised contact through an approved channel
- Requiring appropriate internal review before first use
- Checking that the address, asset, and network match the instruction
Do not use informal messages, screenshots, copied chat text, or unverified communication channels as the only basis for approval.
Token and network checks
For token transfers, also check that the token contract and network match the intended instruction.
A token symbol alone is not enough to confirm that the correct asset is being used. Multiple tokens may use similar symbols, and the same asset may exist on more than one network.
Support for an asset on one network does not automatically mean that all network versions are supported in BE Custody.
What should I do if the address looks wrong?
If the address looks wrong, unfamiliar, or inconsistent with the instruction:
- Do not submit the transaction
- Do not approve the transaction
- Escalate through your organisation’s internal process
- Ask for the destination to be verified through an approved channel
- Contact Bitpanda Enterprise Custody Support through the approved support channel if support is required
Do not include passwords, PINs, private keys, seed phrases, API keys, API secrets, access tokens, or other sensitive authentication information in a support request.