Gemini, the New York regulated bitcoin exchange company, announced that it has introduced support for hardware security keys via WebAuthn (Web Authentication). Users of the exchange can now apply USB security keys (e.g., Yubikeys, Feitian keys, Trezor, and Ledger hardware wallets, MacOS TouchID, etc.) as their two-factor authentication (2FA) method when signing in.

Using hardware security keys via WebAuthn to secure a Gemini account provides hardware-backed, cryptographic proof that it is the real user signing into their account. This helps stop someone else from signing into their Gemini account even if they have the password. Using hardware security keys via WebAuthn also ensures users only submit two-factor credentials to the actual Gemini website and not a malicious website pretending to be the Gemini website.

To further boost security, two weeks ago, Gemini released a self-service tool called Withdrawal Address Whitelisting. When enabled, a user’s assets may only be withdrawn from their Gemini account to specific crypto addresses.

Note that the Gemini Mobile app does not currently support WebAuthn for 2FA because native support for WebAuthn on mobile is limited and not all iOS and Android devices can physically accept a security key.