All of our content is written by humans, not robots. Learn More
Crypto header

Is Safe? is well-known for its cash-back reward debit card and easy-to-use mobile app. But is it safe and secure? Let’s find out.

All of our content is written by humans, not robots. Learn More
Gabe Turner
Gabe Turner Chief Editor
Last Updated May 31, 2024
The content on this page is provided for informational purposes only. does not offer financial or investment advice, nor does it advise or encourage anyone to buy, sell, or trade cryptocurrency. It is advised that you conduct your own investigation as to the accuracy of any information contained herein as such information is provided “as is” for informational purposes only. Further, shall not be liable for any informational error or for any action taken in reliance on information contained herein.

Anytime money is involved, it’s always best to do your due diligence before using an app. That’s true especially for cryptocurrency. It may not be good as cash yet in most places, but the crypto market is lavish.

That said, we’ll go over one of the most popular cryptocurrency exchanges in the U.S., namely, They may own the Arena in Los Angeles, but that doesn’t automatically make their cryptocurrency exchange app safe. We’ll go over’s security practices, and explain to what extent it’s safe and how it may be risky. We’ll also consider some strategies you can use to stay safe while using

Let’s get into it! Help Help

Is Safe?

The short answer is that is one of the safer crypto exchanges around. It keeps 100 percent of customer funds in cold wallets, away from the prying hands of hackers. It also holds withdrawals to new addresses for 24 hours, allows for multi-factor authentication, and provides 24/7 customer support in case you need to report unauthorized activity on your account. implements all the standard practices of ultra-secure crypto exchanges, but no crypto exchange is completely free of risk — including In the next few sections, we’ll go over’s security practices in detail, and we’ll discuss what risks you are still taking if you choose to use In addition, we’ll discuss some ways you can stay safe while using

FYI: is best for beginning crypto users and buy-and-hold investors. If you’re more of a day trader who uses technical analysis to find entry and exit points, you may want to consider Binance instead. Security Practices

We briefly mentioned earlier the security practices implements, but let’s take a close look at each to fully understand how they make the platform safe. After all, you deserve to know how much it can keep you safe so you know which personal strategies to use if and when you sign up.

  • Cold wallet storage. Every bit of customers’ crypto is kept in cold wallets, disconnected from the internet. The company provides its own crypto to hot wallets so users can make withdrawals, and it reimburses itself from customers’ accounts when these withdrawals are made. That should make it impossible for the company to become insolvent from a hack, since it always has enough crypto stored offline to potentially reimburse users.
  • Secure software development lifecycle. To minimize the risk of security loopholes, uses static and dynamic analysis tools to evaluate its code before deployment. It also has a peer-review process it uses to catch errors.
  • Multifactor authentication. requires you to enter a passcode when you do just about anything on the app. It also requires a two-factor authentication (2FA) code from your phone and email whenever you withdraw. calls this “multifactor authentication.” It provides multiple layers that an attacker must bypass to successfully steal your funds.
  • Email warnings and withdrawal delays. We all hate transaction delays, but purposely delays withdrawals to new addresses for security reasons. Anytime anyone tries to withdraw crypto to a new address, the app will delay the transaction for 24 hours and send you an email alert. If it’s a fraudulent transaction, the delay will allow you enough time to contact customer support and cancel the withdrawal.
  • 24/7 customer support. If you suspect your account has been compromised, then you can contact customer service directly through the app. Staff is on hand 24 hours a day, seven days a week to investigate and block withdrawals if necessary.

Pro Tip: Depending on the state you live in, there may be crypto regulations you should be aware of.

Those are great security practices to have in place, but as we stated earlier, no cryptocurrency exchange is 100-percent perfect. There’s always some risks, but awareness of those risks will help you avoid them. So next, let’s look at the dangers of using Coin List Coin List

Risks of Using has top-notch security, but it isn’t perfect. Here are a few things to be aware of when using

  • Crypto is not FDIC-insured. If goes bankrupt and can’t pay you the crypto it owes you, then the FDIC won’t be there to bail you out. is not insured by the FDIC. There is, however, a $150 million direct insurance policy led by Arch Underwriting.
  • 2FA text messages can be intercepted. A common tactic of crypto thieves is to call your cell phone company and convince it to transfer service to the attacker’s phone. Once the service is transferred, the attacker gets your 2FA code sent to their phone through a text message. If they also have access to your email account, then they can access your account. With, the attacker will also need your PIN, so the app is more difficult — but still not impossible — to hack.
  • Emails are easy to miss. If an attacker accesses your account and tries to make a withdrawal, will alert you via email and delay the withdrawal for 24 hours. But this email can easily get lost in a spam folder or buried under other emails you receive that day.

>> Related reading: Is AliExpress Safe?

Despite these risks, it’s actually pretty simple to protect your crypto while using the app. I’ll go over some tips for protecting your cryptocurrency when using the app, but first there is another safety issue to discuss: the notorious hack of January 2022. Hack

In January 2022, staff admitted that it lost $30 million in a hack of the Because the exchange keeps all of its customers’ funds in cold wallets, however, none of’s 50 million users lost any crypto or cash.

The security team discovered that hackers had found a way to make withdrawals from compromised accounts without inputting 2FA codes, and 483 accounts were affected.

>> Also see: Is Cash App Safe?

In response, the team suspended withdrawals and required all users to reset their 2FA. It then credited the lost crypto back to users’ accounts and absorbed the losses on its own balance sheet, preventing any users from losing funds. Just a few hours later, withdrawals were reinstated and users were once again allowed to transfer crypto to their own wallets.

Once the emergency was over, implemented several new security practices that were intended to prevent a hack like this from ever happening again. These included:

  • A 24-hour delay in withdrawals to new addresses.
  • Migration to a new 2FA system that is believed to be more secure.
  • Hiring a third-party security team to do a full audit of the platform.

We think did a great job responding to the hack. It understood that users were not at fault, and it properly reimbursed them once it recognized the problem. Still, users were reimbursed after this hack only because it was genuinely not their fault. If a user negligently allows their account to be hacked, they won’t be reimbursed.

>> Also check out: Is DuckDuckGo Safe?

In the next section, we’ll provide some tips that will help you make sure you’re taking the proper steps to protect your crypto. It will make it more likely that you’ll be reimbursed if your account gets hacked, but, more importantly, it will also make it less likely that you’ll lose your crypto in the first place. Mobile Security Mobile Security

How to Stay Safe While Using

Here are a few techniques you can use to make it much less likely that an attacker will be able to steal your crypto from

  • For 2FA, use an authenticator app instead of SMS. Authenticator apps are more secure than text messaging because they do not depend on your phone service. An attacker may be able to transfer your phone service to himself. But if you use an authenticator app (like Google Authenticator), this particular attack vector is closed.
  • Use a strong PIN. One of’s best security features is its PIN requirement, which provides an extra layer of defense against attackers. But if your PIN is easy to guess, then it won’t be much help. Avoid using personal information (such as a phone number or Social Security number) as a PIN, and try to avoid repeating digits (e.g. 5555) or using sequential numbers (1234).
  • Use a strong email password. Your PIN can be reset by anyone who has access to your email, so make sure the password to your email account is strong. Consider using capital and lowercase letters, numbers, and special characters in your email password.
  • Set up an anti-phishing code. One common crypto scam is for an attacker to send an email that looks like it came from your exchange. When you click a link in the email, it takes you to a fake website login page. When you attempt to sign in, your login credentials are stored and then used by the attacker to get into your real account. To combat this type of attack, set up an anti-phishing code. Under the “Security” submenu of the “Settings” menu, click “Anti-Phishing Code.” Then click “Create Code.” Follow the instructions to set up your anti-phishing code. This code will now be included in any email from, which will help to distinguish fake emails from real ones.
  • Consider withdrawing your crypto from the app. Ultimately, you have to trust with any crypto you leave in the app. But if you withdraw it into your own wallet, then it’s no longer under’s control. If you aren’t actively trading your crypto, then consider transferring it into a private wallet.To do this, tap the “Transfer” button, and select “Withdraw” → “Crypto” → “External Wallet.” Click “+Add Wallet Address,” and follow the instructions to add your crypto address.

Following these steps should make theft of your crypto much less likely.

Wrapping Up is an excellent beginner-friendly crypto exchange. It makes buying crypto easy through a convenient mobile app. Most importantly, is a very secure exchange. Its app is mobile-only and requires a PIN for practically everything you do on it, and it delays withdrawals to new addresses for 24 hours. It also keeps 100 percent of customer funds offline, in a cold wallet.

All these policies combine to make an ultra-secure exchange.

Using any crypto exchange carries some risk, however, including We’ve gone over these risks, and we’ve provided some tips for how to minimize them to keep your crypto secure.

Now, here are some answers to frequently asked questions about safety. Safety FAQs

  • Is safe to store crypto?

    Yes and no. is a secure method to buy crypto and actively trade it, but an external hardware wallet is a more secure storage option if you plan to store large amounts of crypto for a long period of time.

  • Is safe for U.S. citizens?

    Yes. holds a money services business license with U.S. FinCEN, so it’s legal in the U.S. It also holds a money transmitter license in every U.S. state that requires it, except New York.

    It is also available legally in American Samoa, Northern Mariana Islands, Puerto Rico, and the U.S. Virgin Islands.

    If you live in New York, using is a violation of the app’s terms of service, making it riskier than other exchanges that are licensed in New York. New York residents may want to try Coinbase instead.

  • Where is based?

    Some people wonder what legal jurisdiction is located in. headquarters is listed on as 1 Raffles Quay, 09 06, Singapore, but, like most crypto exchanges, it probably has a fully remote workforce, which means there is most likely no one in the office. is licensed to operate in the U.S. and 49 states as a money services business. In addition to its Singapore headquarters, it also has listed offices in Malta, Ireland, and the U.K. Its executives are publicly known and very involved in the crypto community.

  • How do I withdraw money from

    Many readers ask how to withdraw cash from, because they worry their cash may be stuck in the app. To withdraw U.S. dollars from the app, first tap “Transfer” → “Withdraw” → “Fiat.” Then tap your USD balance and select “Withdraw USD.” Follow the instructions to add a U.S. bank account and complete the withdrawal.

  • Is safe to link my bank account to?

    Yes. uses Plaid to link your bank account to your exchange account. Your bank login info goes to Plaid, not, and Plaid is a trusted intermediary between banks and financial applications.

  1. (2022). Security Report & Next Steps.