Security First. Always.
Our commitment to our customers is built on trust. We believe that security and data privacy are the foundations of achieving mainstream cryptocurrency adoption.
Security and Privacy by Design and By Default
We drive a Zero Trust, Defence in Depth security strategy across our systems and platforms. Data privacy assessments are built into our processes to safeguard your personal information.
Empowering a Growth Mindset
To continually strengthen our security posture, we invest heavily in ongoing security and privacy awareness training for all staff.
Deposit and Transaction deposits
We screen all deposits for compliance, and have a dedicated team to monitor all transactions
100% of user cryptocurrencies are held offline in cold storage.
Crypto.com has a strategic partnership with Ledger, integrating its institutional-grade custody solution, Ledger Vault. We also leverage hardware security modules (HSM) and multi-signature technologies. Crypto.com has secured a total of USD 750M in cold storage insurance against physical damage or destruction, and third-party theft.
All funds held in hot wallets are corporate funds.
We leverage HSM and multi-signature, key-generation technologies to keep these funds secure. They are primarily used to ensure smooth day-to-day withdrawal requests from our customers.
Users’ fiat currencies are held in regulated custodian bank accounts.
If you are a U.S. resident, your USD balances are held at Metropolitan Commercial Bank, an FDIC member and insured depository institution. Your USD balances held at Metropolitan Commercial Bank are insured up to USD $250,000. You retain ownership of those funds in Metropolitan Commercial Bank accounts, meaning your fiat funds cannot be claimed by Crypto.com or its creditors.
Crypto.com adheres to the principle of least privilege.
We have strict controls on access rights to funds in both cold and hot wallets.
We’ve developed key security features in our apps
We follow a Secure Software Development Lifecycle.
Security is baked into our coding lifecycle. Our software is peer-reviewed and uses a combination of static and dynamic source code analysis tools.
We use Multi-Factor Authentication (MFA).
Transactions are protected by MFA, which includes password, biometric, email, phone, and authenticator verification.
We ensure withdrawal protection.
Whitelisting external addresses through email verification is mandatory.
We provide 24/7 live customer support.
It’s our priority to help you make the most of your Crypto.com experience.
Building a more robust crypto community worldwide
Certifications and Assessments
Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO 22301:2019, ISO/IEC 27701:2019, ISO/IEC 27001:2013 and PCIDSS v3.2.1 Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks, as well as Service Organization Control (SOC) 2 compliance. Crypto.com has also engaged globally recognised security consulting and auditing firms like Kudelski Security to stress test and audit our core Blockchain systems.