Security measures

An overview of the steps we take to ensure the security and reliability of the Bitvavo platform.

Industry leading security

Keeping your funds and data safe is our top priority. Bitvavo and its employees follow strict security protocols; from how we handle funds to how we screen our employees, we hold ourselves to the highest standards. Discover the advantages of the security features Bitvavo offers its users.

Your account

Protect access to your account by enabling two-factor authentication, setting-up an anti-phishing code and by managing your enabled devices. Protect your funds by managing your address whitelist, and control API access using permission-based access and IP whitelisting.

The platform

Gain an insight into the measures we employ to protect your data, funds and the overall availability of the platform, including multi signature cold storage, a robust organizational setup, advanced logging and monitoring, employee screening and regular external penetration tests and code audits.

Cold storage

The vast majority of your digital assets are stored in offline cold wallets in secure locations. Access to the wallets is regulated by strict security protocols.

Vaults

Bitvavo backs up critical data in bank-grade vaults with 24/7 monitoring. Our vaults meet the requirements of safety category 4+, the highest security category in the Netherlands.

Multi signature

Large transfers can only be initiated by a select group of executive team members and always require manual verification and approval from multiple people.
Asset safety

Custody providers

Bitvavo has partnered with two leading custodial services to store the vast majority of its digital assets on cold storage devices that require multiple signatures to initiate transfers.

Custody providers insured up to $755 million

Vast majority of assets in cold storage

Multisignature access required for transfers

Located in the Netherlands

Bitvavo is located in Amsterdam, The Netherlands and is subject to the EU's AMLD5 and GDPR legislations. A foundation called Bitvavo Payments has been created and operates for Bitvavo as a bankruptcy-remote vehicle to safeguard user’s funds.

Screened employees

All Bitvavo employees have passed a background check and have provided a certificate of good conduct. Our executive team regularly organizes security seminars to make sure all employees operate according to security best practices.

Security audits

Our code is reviewed by multiple specialized IT security firms, and penetration tests are regularly executed to try to breach our systems. On each major code change, this process is repeated to maintain the resilience and security of Bitvavo's systems.
Account protection

Secure your account

Bitvavo offers users multiple options to secure their account and funds. Optional security settings are presented and communicated as clearly as possible to ensure that Bitvavo users are well protected against security-related incidents.

Two Factor Authentication (2FA)

Device & IP management

Anti-Phishing protection

Uptime & redundancy

Bitvavo aims to provide continuous, uninterrupted service. To ensure reliable access, Bitvavo hosts vital services in multiple availability zones with automatic failovers. In case of an outage, traffic is automatically redirected to available services.

Certified data centers

Bitvavo uses data centers compliant with these certifications: ISO 9001, ISO 27001, ISO 27017, PCI DSS Level 1, SOC 1 - 3. These standards help Bitvavo achieve high levels of security and compliance for its infrastructure.

Auditing & monitoring

Bitvavo logs employee access extensively and employs advanced monitoring tools to detect abnormalities, including machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats.
API protection

Access rules & whitelists

Bitvavo takes various steps to ensure secure and reliable API access for its users. Set up a secure API environment by explicitly giving read, trade, and withdrawal access to protect yourself against malicious requests or withdrawals.

Permission-based access

IP whitelist

Withdrawal address whitelist

Bitvavo B.V.

[email protected]

HomeLearnBlogSupportSecurityAffiliatesInstitutionalAbout UsCareersCountriesPress

LoginSign UpAssetsFeesStatusNetworksPro ModeAPI DocsTrading Rules

Buy BitcoinBitcoin PriceBuy EthereumEthereum PriceBuy XRPXRP PriceBuy CardanoCardano Price

User AgreementPrivacy NoticeCookie StatementCookie SettingsRisk DisclosureImprintDeveloper AgreementTrading Rules

Bitvavo B.V.

Trading digital assets involves significant risks. Digital assets are highly volatile and you may lose some or all of your investment. The information on this page does not constitute advice, and should not be relied upon as such. Bitvavo is registered with the Dutch Central Bank (DNB) with registration number R163129. More info can be found in our Risk Disclosure.

Bitvavo is registered at the Dutch Chamber of Commerce, number 68743424.