Is Gemini Safe?

James HeadshotAuthor: James Page
Last Updated: November 2020

Disclaimer: We may receive a commission for purchases made through the links on our site. However, this does not impact our reviews and comparisons. Learn more about our Affiliate Disclosure.

What makes a cryptocurrency exchange safe in the eyes of its users?

First of all, the exchange has to be licensed and regulated by at least one financial authority. This includes complying with AML and KYC policies to avoid the risk of illegal activity. It has to provide both platform and account security measures, be transparent about any security breaches, and prompt in resolving them.

Today, we’ll discuss Gemini, a popular crypto exchange from the States, and outline its security practices to see whether it matches our requirements.

Let’s get started!

What’s Gemini?

Gemini is an American crypto exchange that was founded in 2015 in New York City by the Winklevoss twins Cameron and Tyler, which is how the exchange got its name. Gemini is one of the top five platforms in the States, with outstanding trading volumes.

Gemini logo

Visit The Site

The Winklevoss twins are famous for the lawsuit they filed against Mark Zuckerberg, Facebook’s founder, in 2008, claiming he stole the idea for creating a social networking site from them. The twins used the money they won from the lawsuit – $20 million in cash and $45 million worth of Facebook shares – to invest in numerous crypto projects and later on found Gemini.

Gemini supports a couple of popular coins like Bitcoin, Bitcoin Cash, Ethereum, Litecoin, and Zcash. To trade on Gemini, you need a bank account because that’s the only way to make a deposit. The exchange doesn’t accept credit or debit cards. However, if you plan on trading crypto to crypto, simply fund your account with one of those assets.

Gemini applies a maker and taker fee schedule in combination with your trading volume. The fees start at 1.00% for light traders (makers and takers) and can get as low as 0.10% for takers or 0.00% for makers as your trading volume increases.

Platform Security

Security is the number one priority for this exchange. Gemini takes great effort to provide protection from external fraudulent activity, human error, and any inside attempts to take advantage of sensitive data.

Gemini is licensed in New York and complies with the regulations set by the New York Department of Financial Services. The exchange has won plenty of accolades from different financial institutions.

In 2019, Gemini became the first exchange in the world to successfully pass a SOC 1 Type 1 examination conducted by Deloitte & Touche LLP, demonstrating a high level of financial operations compliance.

A year later, the exchange passed the SOC 2 Type 1 and 2 examinations that focused on security compliance. Both SOC 1 and 2 are internationally recognized achievements in the financial industry.

Moreover, it’s compulsory for Gemini employees to undergo a criminal and credit background check, not only when they start working for the exchange but throughout their employment as well.

Gemini stores the majority of customer funds in cold storage, i.e. in hardware security modules (HSMs) that have achieved at least a FIPS 140-2 Level 3 rating. These vaults, as well as the private keys, are geographically distributed in a number of surveilled and secured facilities. There’s also a multiple signatures verification to move any funds from the cold storage.

To keep its clients’ minds at peace, Gemini provides insurance on fiat deposits held in users’ accounts. The prerequisite to be eligible for this Federal Deposit Insurance Corporation (“FDIC”) deposit insurance is to be a citizen of the US and have your account linked with a US bank. The standard deposit insurance has a $250,000 limit.

Account Security

Two-Factor Authentication

Gemini, like most reliable exchanges, recommends activating the two-factor authentication method during the account setup. This method verifies that you possess two or three preset factors before it grants you access to your account.

Factors tend to be something you know (e.g. a password or PIN), something you own (e.g. mobile device or hardware key), or something you are (e.g. biometrics or an ID).

Gemini suggests using the Authy authentication app instead of SMS verification because it’s more secure. You should simply download the app to your computer or smartphone and use it to generate one-time token numbers.

Hardware Security Keys

Recently, Gemini has added another layer of protection to the 2FA. The exchange has partnered with WebAuthn (“Web Authentication”) to offer support for either one of the following hardware security keys: Yubikeys, Feitian keys, Trezor and Ledger hardware wallets, MacOS TouchID, and Windows Hello.

This USB like device can be one of your factors for the 2FA and verify not only your identity and credentials but also the website URL you’re logging into.

Withdrawal Address Whitelisting

The withdrawal address whitelisting is an optional security feature provided by Gemini. Once activated, this feature lets the user compile a restricted list of addresses that are allowed to make withdrawals from the user’s account or ban withdrawals altogether – a useful option to keep your account safe when you’re traveling.

You should keep in mind that once you add an address to the withdrawal whitelist, you need to wait 7 days for Gemini to approve the request. Therefore, it’s better to complete any urgent withdrawals beforehand. In case you change your mind and want to deactivate the list, you’ll have to send your query to Gemini’s customer support.

Conclusion

The fact that Gemini has never been hacked hardly comes as surprising judging by the state-of-the-art security methods that the platform offers from the start. The team’s commitment to safety and building trust in online platforms is evident from the fact that Gemini is the first crypto exchange to demonstrate a SOC 2 Type 1 and Type 2 security compliance.

Gemini provides insurance for your fiat deposits, cold storage in hardware security modules for your funds, and encryption on sensitive data. It offers 2FA plus hardware security keys and withdrawal address whitelisting. And in the event of an unauthorized login, you have the option to freeze your account until the problem has been solved.

The final judgment is yours to make but we definitely recommend this platform.

Visit The Site

About The Author

James Page

James Headshot

James is the main editor. With a passion for finance and anything blockchain, cryptocurrency is right up his alley. He's responsible for most of the content on the site, trying his best to keep everything up to date and as informative as possible.

Disclaimer: Digital currencies and cryptocurrencies are volatile and can involve a lot of risk. Their prices and performance is very unpredictable and past performance is no guarantee of future performance. Consult a financial advisor or obtain your own advice independent of this site before relying and acting on the information provided.