| Crypto Education, Security

How Kraken manages client security

Proof is paramount to cybersecurity. At Kraken, proof of security essentially means “don’t trust but verify.” This mindset guarantees that the work associated with growing and improving on our exchange can continue unhindered while protecting you 24/7.

Kraken invests heavily in our cybersecurity program to safeguard your funds, NFTs, and privacy. Don’t just trust us. Verify us by checking out the ISO27001 certification we received from SGS, an independent and trusted certification body based in Switzerland.

“Security above everything” isn’t just a tagline — it’s a fundamental part of our mission to empower people with new ways to connect and transact. The safeguarding of your funds, NFTs, and privacy will always be our number one objective. If we did not invest in the rigorous standards we have become known for to keep these safe, we would never be able to execute on our mission.

With that in mind, let’s explore how Kraken maintains security for your funds and your private information.

Kraken’s approach to security

These are several key areas where Kraken’s security team focuses to ensure that you are secure. We carry these best practices forward while maintaining the privacy of your personal information as well.

Custody security

We have always encouraged our clients to self-custody their funds in order to keep their crypto safe. That said, we constantly obsess over the most advanced ways to keep funds safe when you choose to keep them on our exchange. Entities that hold a large amount of crypto are a prime target for attackers, so we work hard to consistently stay one step ahead of their scams, exploits, and attacks.

We primarily use advanced cold storage and hot wallet solutions to secure your funds. On top of requiring multiple parties from multiple teams to perform cryptographic approvals to move funds, our crypto infrastructure resides in secure cages under the 24/7 surveillance of armed guards, alarm systems, and video monitors.

But asset security is only the first step in maintaining your crypto.

Security testing

Does your workplace employ a team of people whose sole task is to hack you and your colleagues? We do.

At Kraken, we never rest when it comes to threat assessment. Instead, we are constantly looking for vulnerabilities in our infrastructure and applications. This lets us spot them before an attacker has a chance to use them.

But we don’t stop there. We offer a bug bounty program to leverage the security expertise of the broader security research community to ensure that we constantly stay one step ahead of potential exploits.

Security features

We have long believed that every Kraken client should have the tools they need to keep their funds and information secure. That is why we offer a robust set of security features that clients can use to protect themselves, their crypto, and their information from attackers.

Clients can secure their account using multiple tools including:

  • Robust device and session management tools
  • FIDO2-based two-factor authentication
  • A global settings lock to ensure no changes can be made to their account, including their crypto withdrawal addresses

We also employ security controls like AI-based analysis of activity to better detect compromised accounts.

Information security

Security is not just about keeping the crypto we hold safe. The personal identifying information we maintain is just as valuable. Attackers are just as eager to have your personal data as they are your private keys.

At Kraken, we use the latest standards to encrypt all sensitive account information at both the system and data level. This means your identifying information is always hidden behind a powerful layer of security. After we encrypt your information, we follow a robust set of security procedures and controls that earned us a ISO 27001 certification.

Productively paranoid mindset

As a company on a mission to empower people with new ways to connect and transact, every Krakenite has a hand in keeping our client’s information safe as we deliver on that mission. That is why we have built an internal culture that verifies before it trusts. We constantly educate each other on the potential risks we face that may jeopardize our clients’ financial freedom. We challenge each other to do the best we can to maintain the highest standards for our clients and each other.

Our mission extends beyond Kraken and into the wider crypto ecosystem of different products and services. That is why we have developed the Kraken Security Labs to help identify, publicize, and solve issues in third party products and services. We believe we have a responsibility to not just improve our own security posture, but the entire crypto community’s.

How does our security impact you?

Kraken’s security impacts you by ensuring that you are always able to access what is rightfully yours — your funds, your tokens, your NFTs, and your personal information. You trust us to keep these safe and we work hard to ensure we are always one step ahead of attackers.

Need more proof?

Head over to Kraken’s Security page to see how we help protect you at every step of your crypto journey.

Get started with Kraken