Trust is our product.

Our founders, Cameron and Tyler Winklevoss, were early investors in cryptocurrency and struggled to find a platform where they could securely manage their growing portfolio. Out of that frustration and lack of trust, they built Gemini to deliver the first trusted platform that focused on strong security controls and compliance.

Today, every employee at Gemini continues our founders’ focus on security and compliance, in order to build trust. Gemini has built a leading security program focused on developing innovative security solutions to help protect and secure our customers and their assets. We have also invested considerable resources to remain transparent about our security posture, through third party security assessments, including our SOC2 Type 2, ISO 27001, and annual penetration testing.

AICPA SOC Ceritfied
Gemini ISO 27001 Certified

Contacting the Security Team

Reporting Fraud or Abuse

Reporting Fraud or Abuse

We’ve built a rules-based marketplace with security at its core, so that our customers can focus on building their crypto portfolio. Our team is ready to help should you encounter fraud or abuse. We recommend you take a moment to visit our Trust and Safety page, which contains materials to help users avoid fraud and spot scams.

Report Fraud or Scams

Coordinated Disclosure Program

Coordinated Disclosure Program

We welcome contributions from security researchers to help us build and secure the future of money. To submit a security vulnerability to Gemini, or to learn more about our coordinated disclosure program, please visit our HackerOne page. Impactful vulnerability submissions will be considered for inclusion in Gemini’s private bug bounty program.

Disclose a Security Vulnerability

Valid Gemini Communications

Gemini does not offer phone support. All support is provided via email. You will only be contacted via a valid Gemini email. Emails from Gemini will always end with the domain name. For example, emails from or from the sub-domain are valid Gemini email addresses, because they end with

Is valid icon

Is valid icon

Is valid icon

Industry Leading Security Controls

Trust is our product, which begins by building and maintaining a secure customer experience. The following provides information about the leading security controls we’ve implemented to secure customer accounts and assets, and mitigate the risk of insider threats.


Account Security

We build innovative security solutions to better protect our users and their accounts.

  • Two-Factor Authentication (2FA) is required by default, in order to access your account and make withdrawals.

  • Support for hardware security keys, like Yubikey, allows for a more secure 2FA experience for account access.

  • Address allowlisting allows users to restrict cryptocurrency withdrawals to allowlisted cryptocurrency addresses.