We keep your cryptocurrency safe
The security of your crypto is our top priority
We store the majority of customer cryptocurrency in “deep freeze” using a multi signature wallet where the keys are generated and stored entirely offline and offsite. The keys are managed entirely by Bitgo Custody, the world's most secure and compliant digital asset custody solution.
A multi-signature hot wallet is used to facilitate instant Bitcoin transactions. Backups of the keys are stored offline in geographically dispersed safety deposit boxes. Three keys are required, with one stored by an external custodian to ensure additional security. The external custodian also enforces velocity limits.
Private keys are stored offline, and offsite, on a machine not connected to the internet or other networks. This significantly reduces the attack surface since physical access is required. The airgap machine is stored in a safe, inside a managed security vault, at an undisclosed offsite location.
Two-factor Authentication (2FA) is supported to provide another level of authentication and ensure complete peace of mind.
With 2FA enabled, you will add an extra layer of protection to your account: a one-time code that can only be generated on your smartphone.
Passwords are stored in hashed form: nobody other than yourself ever has access to your password. We make sure that users use a strong password when they sign up with Luno.
We recommend using Lastpass, Keychain, Keepass or another reputable password manager to generate and keep track of a strong password.
Luno ensures that you authorise any High-risk actions that are performed on your account, such as sending crypto from your account.
Your personal and financial information is only stored and processed in cloud services that meet our strict infrastructure security requirements. This information is only collected and shared in accordance with our Privacy Policy.
Our infrastructure is hosted on Amazon Web Services, which offers a secure environment for Luno services to ensure the safest possible access control, data encryption, monitoring and isolation.
Our internal networks are protected by firewalls and not exposed to the internet. All internet traffic is also encrypted to the same standard as external services. Our firewall policies are designed to allow minimum permissions for different applications and roles to interact.
All application and database servers are running inside private networks, with isolation between staging and production environments. Public-facing services are made available by dedicated load balancers that only handle HTTPS requests.
All Luno employees are required to use cryptographically-secure Multi-Factor Authentication such as hardware U2F keys to access internal services. Engineers do not have access to application credentials or production servers. All deployments are performed independently by a deployment server.
As part of our hiring process, candidates must pass criminal background checks before becoming a Luno employee.
We keep our members updated in real-time using our Status page, which has the current status of our services, details of any current incident, and information about upcoming scheduled maintenance.
We work with an active community of security researchers through our Bug Bounty Program to continually improve the security of Luno and our members’ funds.
Luno adheres to the BSI Information Security Standard. Complying to this standard helps us continuously identify risks and manage or eliminate them.
Buy, store and learn about Bitcoin, Ethereum, XRP and Litecoin now
