Kriptomat is a self-service exchange and all actions and transactions are under your control and responsibility.
The Kriptomat team takes security extremely seriously. That is why we have implemented multiple organizational and technical security measures. Having that in mind, we prepared some security recommendations for you, and we suggest that you follow them:
Do not allow anyone to access your account or use a remote desktop app to take control of it
You should never ever allow anyone to access your Kriptomat account and trust the person to make actions and transactions in your name. This can result in account manipulation and permanent assets loss.
Use unique credentials for both Kriptomat account and email account
We can’t stress this enough: please do not reuse the password for your Kriptomat account anywhere else. Apart from being unique, your password should be complex and changed periodically (e.g every two months).
You can go even further: create an email account that will be used only for purposes related to Kriptomat.
Enable Google 2FA
Google's two-factor authentication (2FA) is considered slightly more secure than 2FA based on SMS. We strongly suggest using this security measure on your email account that you use for Kriptomat as well.
Communication with our customer support and us
Kriptomat Team members will never, ever call you and will never ask you to install any applications on your device. The only exception here is that we recommend you to install the Google Authenticator app on your mobile device in order to enable Google 2FA.
The only channel that we use for customer support is our chat. This means that we will never contact you via phone. If someone contacts you via phone, they are an impersonator.
Please contact us immediately if that happens.
Our official social media accounts are:
Beware of fake websites - possible clones of Kriptomat
Simply bookmark this URL: https://app.kriptomat.io/login and use that bookmark to access Kriptomat. If you find a website that is pretending to represent Kriptomat (this is called a phishing attempt), please let us know immediately.
Kriptomat allows you to see data about every login session made to your account. Navigate to the Settings > Security section where you can see information about time, location, IP address, and the used browser for each sign-in and sign-out made on your account.
Pay attention to email and SMS notifications
You will always receive email notifications for all sorts of actions on your Kriptomat account. You will receive it for logins from new devices, for purchases, deposits, withdrawals, etc. Pay attention to these emails to make sure that it is you who is making these actions. If you ever have a suspicion that it wasn’t you, then contact our support immediately. Get in touch with our chat support on the website or write an email to [email protected]).
Do you still have any questions? Use the support chat to contact our support team or send us an email at [email protected]