Security at Bybit
Your security is our top priority. We employ industry-leading practices to protect your assets and data.
Cold Storage
95% of all user assets are stored in multi-signature cold wallets across geographically distributed locations.
Cold Storage
Proof of Reserves
We publish regular Proof of Reserves reports verified by independent third-party auditors.
Reserve Ratio
Infrastructure Security
Multi-layered defense architecture with DDoS protection, WAF, and real-time intrusion detection.
Uptime
24/7 Monitoring
Dedicated security operations center with real-time threat monitoring and incident response.
Monitoring
Account Protection Features
Biometric Authentication
Support for fingerprint and face recognition on mobile devices.
Hardware Key Support
YubiKey and other FIDO2/WebAuthn hardware security keys supported.
2FA Required
Two-factor authentication via Google Authenticator or SMS for all critical operations.
Anti-Phishing Code
Set a personal anti-phishing code that appears in all official Bybit emails.
Withdrawal Whitelist
Restrict withdrawals to pre-approved addresses only with a 24-hour lock period for changes.
Login Notifications
Instant alerts for new device logins, IP changes, and suspicious activity.
Certifications & Programs
SOC 2 Type II
Annual audit of security controls and operations.
ISO 27001
International standard for information security management.
CSA STAR
Cloud Security Alliance certification for cloud security.
Bug Bounty Program
Up to $100K rewards for security researchers.
Security Updates
Completed SOC 2 Type II annual audit with zero findings.
Launched hardware security key support for all users.
Published first Merkle Tree Proof of Reserves report.
Upgraded cold storage infrastructure to multi-party computation (MPC).
Achieved ISO 27001 certification.
Expanded bug bounty program to $100K maximum reward.