Fireblocks has received the Cryptocurrency Security Standard (CCSS), a first-of-its-kind certification that was built as a security standard for crypto wallets and custody.
Focusing on storage and usage within an organization and augmenting standard information security practices, the certification was created specifically for the crypto industry. For example, it analyzes how a provider generates keys, the hardware it uses and how the policy and workflow engine works, as well as the cybersecurity controls used.
Fireblocks received a level three certification – the highest there is – and the one most suitable for enterprises. To win the level three standard, “multiple actors are required for the all-critical actions, advanced authentication mechanisms are employed to ensure authenticity of data, and assets are distributed geographically and organizationally,” according to accounting firm Deloitte.
Fireblocks is the first company to meet all requirements for this level.
“An in-depth and rigorous audit was conducted of Fireblocks’ people, processes, and technology components for compliance with the CCSS and found that Fireblocks went above and beyond the CCSS Level 3 requirements,” said Marc Krisjanous, the CCSS auditor who led the exam.
The CCSS was first built in 2014 but no company in the crypto industry has so far met the necessary standards to receive it. Specifically, start–ups in the space don’t follow security best practices and every system that was subject to breach in the past didn’t pass level one of the standard, Deloitte said.
“I think the reason why we were able to be the first one to get this certificate – we got it within four months of intensive interrogation – is the expertise that we have from working with leading banks that already took us through a very similar process previously,” Michael Shaulov, co-founder and CEO of Fireblocks said.
Fireblocks’ clients include Bank of New York Mellon (BNY Mellon), Robinhood and fintech company Revolut, among others.