We’re trusted to onboard millions of users to their favorite products. We sweat the details so you can operate securely.
A secure stack must be designed for failures. Privy works with security experts to review and threat model all systems and infrastructure. Our infrastructure has gone through several rounds of security reviews and pentests, and we undergo these reviews on a regular basis to surface and address new issues.
Whether they connect with third-party wallets or leverage embedded wallets, your users’ keys are their own. All Privy architecture is designed to be self-custodial, meaning only your user can access their private keys, and they must always be present to take action with their assets.
Privy leverages best-in-class infrastructure to secure all user data. We run on Amazon Web Services (AWS). All data is encrypted at rest via AES-256-GCM and transferred encrypted using HTTPS/TLS 1.2. We leverage modern key management systems to encrypt and tokenize sensitive information so it can only be accessed by authorized parties.
All engineering is security engineering at Privy. We build layered security measures into our product, infrastructure, and operational work. Product and architecture design starts with threat modeling all systems and infrastructure: we set security requirements hand-in-hand with product requirements. In our implementation, we maintain strict review and CI/CD processes, and isolate access to data by least privilege.
Read more about how Privy works. Audits available to enquiring customers.
Privy leverages industry best practices around secure authentication. We verify accounts with short-lived one-time codes, and enforce rate limits and request origins. Access tokens are JWTs signed by Ed25519 keys specific to your app.
All traffic is encrypted with TLS >= 1.2 and HSTS and is routed through Cloudflare. Services are run in private VPCs on AWS. All API requests must be authenticated with an API secret.
At wallet creation, an isolated iframe generates a keypair from 128 bits of entropy chosen at random using a CSPRNG and converted via BIP-39. Private keys are split using Shamir’s Secret Sharing. The full private key is never persisted anywhere, so only the user can access it.
We know wallets are not one-size-fits-all. We set strong standards and enable users to upgrade systems to match their needs. Users can layer on defenses like linking additional sign-in methods and adding auth and transaction MFA to their accounts as their assets grow in value.
Think you’ve found something? We’d like to hear from you. Want to get access to our BBP? Reach out to security@privy.io for an invite.
Privy works with internal stakeholders, advisors and third-party auditors and pentesters on our security posture. Our work here is never done and we are continually improving our systems to meet an evolving threat landscape.