Our Commitment to Security
Gemini’s security philosophy follows from three principles:
- Building defense-in-depth against external threats
- Protecting against human error
- Guarding against misuse of insider access
Digital Asset Security
The majority of customer digital assets (e.g., bitcoin) are held in our offline (i.e., air-gapped) vaulted storage system (“Cold Storage”). Only a small portion of digital assets are held in our online wallet (“Hot Wallet”).
- Our Hot Wallet environment is hosted on Amazon Web Services (“AWS”). AWS has a proven track record for physical security and internal controls.
- Tiered access-controls are applied to our production environment to restrict access to employees based on role, following the principle of least-privilege.
- Administrative access to our production environment requires multi-factor authentication.
- Hot Wallet key management is rooted in hardware security modules (“HSMs”). We use the hosted CloudHSM service provided by AWS, which offers dedicated HSMs within the AWS cloud.
- The specific hardware used by CloudHSM has been evaluated according to Federal Information Processing Standard Publication 140-2 (“FIPS PUB 140-2”) and achieved a rating of Level 2.
Our Cold Storage system provides two tiers of offline storage dubbed “cold” and “cryo” (short for “cryogenic”) for improved security and redundancy.
- We use HSMs that have achieved a rating of FIPS PUB 140-2 Level 3 (or higher).
- All cold and cryo private keys are generated, stored and managed onboard our HSMs for the lifetime of the key.
- We use Multisignature technology (“Multisig”) to provide both security against attacks and tolerance for losing access to a key or facility, eliminating single points of failure.
- All HSMs are stored in guarded, monitored and access-controlled facilities that are geographically distributed.
- Hardware is sourced from diverse manufacturers to guard against supply-chain risks.
- All fund transfers require the coordinated actions of multiple employees (i.e., all facilities are “no-lone zones”).
- We are a full reserve digital asset exchange. Customers may only trade from pre-funded accounts.
- All customer USD fiat funds are held in an omnibus account at an FDIC-insured bank located in the US.
- All customer fiat funds are segregated and legally distinct from our business and operating accounts.
- All customer USD fiat funds are eligible for FDIC insurance, subject to applicable limitations.
- Two-Factor Authentication (“2FA”) is required for every user account and may be required for actions other than session login, such as withdrawals.
- Strong passwords are required for every user account.
- All passwords are cryptographically hashed using modern, proven standards.
- Other sensitive user information is encrypted both in transit and at rest.
- Rate-limiting is applied to certain account operations, such as login attempts, to thwart brute-force attacks.
- All website data is transmitted over encrypted Transport Layer Security (“TLS”) connections (i.e., HTTPS).
- We do not share client data, our TLS private key or access to our TLS private key with any third parties or vendors.
- We leverage the Content Security Policy (“CSP”) and HTTP Strict Transport Security (“HSTS”) features of modern browsers.
- We partner with enterprise vendors to mitigate potential distributed denial-of-service (“DDoS”) attacks.
- Internal-only sections of our website use separate access controls and are not exposed to the Internet.
We typically only include links to public blog posts or other information relating to product announcements, and will never include unsolicited links to unaffiliated domains. We’ve also instituted policies for the gemini.com domain (and its subdomains) which signal to the largest email providers (e.g., Gmail, Yahoo Mail, Hotmail) to reject email messages that do not originate from sources we have explicitly authorized. Regardless, customers should always be careful when clicking on links in emails received from suspicious sources, or emails that just seem out of the ordinary. Please always take a second look at emails which look suspicious. You can contact email@example.com to verify an email’s authenticity, and we also encourage you to forward suspicious email messages to firstname.lastname@example.org.
- Multiple signatories are required to transfer funds out of Cold Storage.
- Our CEO (Tyler Winklevoss) and President (Cameron Winklevoss) are unable to individually or jointly transfer funds out of Cold Storage.
- Our offices do not store or contain anything of value. All private keys are stored offsite in secure facilities (see Digital Asset Security above).
- All employees undergo criminal and credit background checks, and are subject to ongoing background checks throughout their employment.
- All remote access by employees uses public-key authentication – no passwords, one-time passwords (“OTPs”) or other phishable credentials are allowed.
If you have any questions or concerns about your Gemini account – or believe there has been an unauthorized login attempt and/or transaction that you do not recognize – please email our customer support team at email@example.com or call user support at +1 (866) 240-5113 (toll-free in the USA).
Reporting Security Issues
If you believe you have identified a security vulnerability on our online platform, we would like to hear from you. Please email us at firstname.lastname@example.org. You can use our PGP key to encrypt your communications.
Vulnerability Disclosure Philosophy
Our security team supports responsible disclosure. We will acknowledge valid and original (i.e., the first reported instance) discoveries on our website with the name of the security researcher(s) responsible. While we do not have a formalized bug-bounty program at this time, we may choose to do so in the future. In the event that a monetary rewards system is developed, we may, in our discretion, pay monetary rewards in bitcoin, subject to applicable laws.
Our commitment to security researchers is simple: we will not retaliate against researchers who report issues privately and in a responsible manner. We will do our best to reply to reports in a timely fashion and periodically update you on our progress with respect to investigating or remediating any issues you may have identified.
Gemini Security Team