SECURITY

Trust is our product.

Our founders, Cameron and Tyler Winklevoss, were early investors in cryptocurrency and struggled to find a platform where they could securely manage their growing portfolio. Out of that frustration and lack of trust, they built Gemini to deliver a crypto-native platform that focussed on strong security controls and compliance. Gemini is the worlds first SOC1 Type 2 and SOC 2 Type 2 certified crypto exchange and custodian*, click here to learn more.

Today, every employee at Gemini continues our founders’ focus on security and compliance, in order to build trust. Gemini has built a leading security program focused on developing innovative security solutions to help protect and secure our customers and their assets. We have also invested considerable resources to remain transparent about our security posture, through third party security assessments, including our SOC2 Type 2, ISO 27001, and annual penetration testing.

AICPA SOC Ceritfied
Gemini ISO 27001 Certified

Contacting the Security Team

Reporting Fraud or Abuse

Reporting Fraud or Abuse

We’ve built a rules-based marketplace with security at its core, so that our customers can focus on building their crypto portfolio. Our team is ready to help should you encounter fraud or abuse. We recommend you take a moment to visit our Trust and Safety page, which contains materials to help users avoid fraud and spot scams.
Report Fraud or Scams
Coordinated Disclosure Program

Coordinated Disclosure Program

We welcome contributions from security researchers to help us build and secure the future of money. To submit a security vulnerability to Gemini, or to learn more about our coordinated disclosure program, please visit our security.txt file for details.
Disclose a Security Vulnerability

Valid Gemini Communications

Gemini does not offer phone support. All support is provided via email. You will only be contacted via a valid Gemini email. Emails from Gemini will always end with the .gemini.com domain name. For example, emails from support@gemini.com or from the sub-domain hello@news.gemini.com are valid Gemini email addresses, because they end with .gemini.com.

Is valid icon

xxxxxx@gemini.com

Is valid icon

xxxxxx@news.gemini.com

Is valid icon

xxxxxx@gemini.gem.com

Industry Leading Security Controls

Trust is our product, which begins by building and maintaining a secure customer experience. The following provides information about the leading security controls we’ve implemented to secure customer accounts and assets, and mitigate the risk of insider threats.

Account
Controls
Assets
Compliance

Account Security

We build innovative security solutions to better protect our users and their accounts.

  • Two-Factor Authentication (2FA) is required by default, in order to access your account and make withdrawals.

  • Support for hardware security keys, like Yubikey, allows for a more secure 2FA experience for account access.

  • Address allowlisting allows users to restrict cryptocurrency withdrawals to allowlisted cryptocurrency addresses.

The trusted crypto-native finance platform

Create a free Gemini account in minutes