Security First. Always.

Our commitment to our customers is built on trust. We believe that security and data privacy are the foundations of achieving mainstream cryptocurrency adoption.

Our Philosophy

Security and Privacy by Design and By Default

We drive a Zero Trust, Defence in Depth security strategy across our systems and platforms. Data privacy assessments are built into our processes to safeguard your personal information.

Empowering a Growth Mindset

To continually strengthen our security posture, we invest heavily in ongoing security and privacy awareness training for all staff.

Deposit and Transaction deposits

We screen all deposits for compliance, and have a dedicated team to monitor all transactions

100% of user cryptocurrencies are held offline in cold storage.

Crypto.com has a strategic partnership with Ledger, integrating its institutional-grade custody solution, Ledger Vault. We also leverage hardware security modules (HSM) and multi-signature technologies. Crypto.com has secured a total of USD 360M in cold storage insurance against physical damage or destruction, and third-party theft.

All funds held in hot wallets are corporate funds.

We leverage HSM and multi-signature, key-generation technologies to keep these funds secure. They are primarily used to ensure smooth day-to-day withdrawal requests from our customers.

Users’ fiat currencies are held in regulated custodian bank accounts.

If you are a U.S. resident, your USD balances are covered by up to USD 250,000 of FDIC insurance. You retain ownership of the currencies in bank accounts, meaning your fiat funds cannot be claimed by Crypto.com or its creditors.

Crypto.com adheres to the principle of least privilege.

We have strict controls on access rights to funds in both cold and hot wallets.

Crypto.com App

We’ve developed key security features in our apps

We follow a Secure Software Development Lifecycle.

Security is baked into our coding lifecycle. Our software is peer-reviewed and uses a combination of static and dynamic source code analysis tools.

We use Multi-Factor Authentication (MFA).

Transactions are protected by MFA, which includes password, biometric, email, phone, and authenticator verification.

We ensure withdrawal protection.

Whitelisting external addresses through email verification is mandatory.

We provide 24/7 live customer support.

It’s our priority to help you make the most of your Crypto.com experience.

Crypto.com App

Building a more robust crypto community worldwide

Certifications and Assessments

Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27701:2019, CCSS Level 3, ISO/IEC 27001:2013 and PCIDSS v3.2.1 Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks. Crypto.com has also engaged globally recognised security consulting and auditing firms like Kudelski Security to stress test and audit our core Blockchain systems.

Hacker One Bug Bounty

Crypto.com recognises the importance of security researchers in helping to keep our community safe. We encourage responsible disclosure of security vulnerabilities via our external bug bounty program on the leading platform, Hacker One.