Get peace of mind with world-class security

Ultra-secure offline funds. Best-in-class software. Private key management.

Cold Storage

95% of all funds are stored in offline cold wallets

Funds are distributed worldwide in facilities globally-recognized for physical security.
Multi-signature validation means no one can unilterally access your funds. Not our CEO. Not even Satoshi.
Private keys don’t leave Hardware Security Modules where funds are stored, a cryptographic best practice.

AES-256 Encryption

Secure software on desktop and mobile

The Wallet and Exchange both support 2FA and use AES-256 encryption. Additionally, we store the private keys for custodied funds in FIPS 140-2 certified devices.
Coinmama enforces TLS 1.2 for Internet-facing applications and audits support cypher periodically.
Strong cyphers are used to enforce storage encryption across the cloud and physical facilities.

Private Keys

The most-used cryptographic software in the world

Client-side private key management is not unique to Coinmama, but at our scale is the most-used cryptographic tool in the hands of millions.
If you own your private keys, you own your crypto.
Zero knowledge proofs and private key management are the foundation of cryptocurrency.

Privacy and Trust

We help you keep your crypto and your data secure

We don’t track non-custodial funds held in Private Key Wallets and only track funds in Coinmama’s custodial accounts.
All Personally Identifiable Information is stored in Google Cloud Platform, secured by best-in-class digital security.
We comply with AML and KYC regulations globally and have registrations in the US, UK, EU, and MENA.

Certifications and Attestations

Coinmama is committed to the confidentiality, integrity, and availability of data entrusted to the organization. We help you keep your crypto and your data secure. Information security is a top priority and has the full support of top management. Our information security management system is continuously maturing to stay up-to-date with best-in-class security. Security controls are regularly audited both internally and externally.

ISO 27001 Certified
At Coinmama, we have implemented an integrated Information Security Management System certified against an internationally recognized standard. Controls undergo an external audit on an annual basis and are consistently monitored internally as well.
SOC 2
Coinmama’s controls are assessed by A-LIGN, who specialize in compliance across multiple industries, on an annual basis. A copy of this report can be shared upon NDA signature.
CryptoCurrency Security Standard (CCSS) Level 3
CCSS has specialized information security requirements tailored to the crypto industry. In an external audit against this standard, Coinmama has achieved Level 3 compliance, the maximum classification available.
PCI DSS Compliant
The payment card industry requires compliance with strict standards to ensure the confidentiality of any cardholder data. Coinmama is aligned with PCI DSS requirements.

Bug bounty program

Should you find any existing or zero-day issues, we encourage you to report them through the bug bounty program. If validated and fixed, you will earn a bounty as a reward.

Via Live Chat

Take control of your crypto security

Secure your Coinmama account

Choose a unique password
Enable two-factor authentication
Write down your Secret Private Key Recovery Phrase, store offline, and don't share it with anyone

Always follow security best practices

Keep your information private
Never give out your backup phrase, pairing code, or access to your Wallet
Protect your Secret Private Key Recovery Phrase
Physically write down and secure your passwords

Stay alert. Be skeptical.

The Blockchain.com support team and other employees will never initiate contact to ask for your password, backup phrase, or access to your Wallet.

Products