Protecting your funds, NFTs and privacy is our number one objective
Kraken takes a comprehensive approach to protecting your investments in crypto assets and NFTs. Our team of experts have built in a number of sophisticated measures to prevent the theft of funds, NFTs, or information.
Theft isn't the only threat of course. We offer stability, with proof of reserves, healthy banking relationships and the highest standards of legal compliance.
Kraken’s comprehensive approach to cybersecurity and information security management systems has earned us the ISO/IEC 27001:2013 certification and allowed us to complete a SOC 2, Type 1 examination. This demonstrates our ability to meet the highest international security standards, as well as our commitment to keeping your funds and information safe.
We test third-party services and products in an effort to help identify, publicize and solve issues before they’re exploited by bad actors.
Discover more about Kraken Security Labs.
Security above everything
World class security team
We’ve assembled a global team of top security professionals who take a risk-based approach to ensuring our clients’ assets are protected at the highest levels while maintaining exceptional performance and an unparalleled client experience. Our team has decades of experience building security programs for the world’s top brands, investigating the largest consumer data breaches, developing security technology trusted by millions of businesses and discovering vulnerabilities in the technology used by billions of people every day.
Proof of Reserves
We periodically work with an external auditor to perform Proof of Reserves audit aimed at developing greater trust and transparency in the assets held within our exchange and on-chain staking service. You can log in to your account and verify that Kraken had custody of the covered tokens in your account at the time of the audit. Learn more.
Custody Security
We use advanced cold storage and hot wallet solutions to secure your funds. Our crypto infrastructure resides in secure cages under 24/7 surveillance by armed guards, alarm systems and video monitors.
Information Security
All sensitive account information is encrypted at rest at both the system and data level. Access is strictly controlled and monitored. We’re also ISO/IEC 27001:2013 certified and have completed a SOC 2, Type 1 examination. Learn more.
Security Testing
We have an expert team dedicated to testing our own systems via every imaginable attack vector. Additionally, we run a bug bounty program to leverage the expertise of the broader security research community.
Security features
FIDO2 compliant 2FAs with Passkeys to keep your account secure
No Phone/SMS account recovery, your account stays in your hands
Customizable, granular API key permissions with range boundaries
Email confirmations for adding new withdrawal addresses
Configurable account timeout for another layer of protection
PGP signed and encrypted email for secure communication
Global settings time lock for extreme security when you're away
SSL encryption to protect you when browsing Kraken
Constant, real-time monitoring for suspicious activity
Zero settlement risk, no chargeback fraud when trading crypto
Sensitive data is fully encrypted at rest and in transit
High priority 24/7 live chat and email support for urgent concerns
Committed to helping secure the crypto-ecosystem
Our mission is to increase cryptocurrency adoption world-wide, and we recognize that this extends past Kraken’s products and services. We’re committed to helping the entire industry become more secure, and that means identifying vulnerabilities in other projects or tools that our clients regularly use. To this end, we’ve developed Kraken Security Labs to test third-party services and products in an effort to help identify, publicize and solve issues before they’re exploited by bad actors. Learn more.
Security resources
Interested in learning more about our security practices or how you can protect yourself from bad actors? Check out the resources below:
Get the Kraken app
Disclaimer
There are no formally accepted rules or procedures that define a proof of reserves audit. For ours, we engaged an independent accounting firm to perform an engagement under standards set forth by the American Institute for Certified Public Accountants and to issue an Independent Accountant’s Report on Agreed Upon Procedures. This report includes specific procedures performed by that firm as well as their findings.