Legal

Security & Reliability

Last updated: April 1, 2026

KryptoPay is designed to help merchants accept stablecoin payments with confidence.

Security principles

  • Non-custodial design so merchant funds are sent directly to merchant-controlled wallets unless expressly stated otherwise.
  • Careful handling of sensitive credentials, with customers responsible for storing their API keys securely.
  • Webhook authenticity protections so merchants can verify that an event came from KryptoPay and was not modified in transit.
  • Restricted internal access based on role and operational need.
  • Monitoring and logging designed to support troubleshooting, abuse detection, and incident investigation.

Reliability principles

  • Payments are monitored against expected details and should only be treated as successful after the required confirmation threshold is reached.
  • Payment flows move through a clear lifecycle such as requires payment, pending confirmations, succeeded, or expired.
  • Test and live environments are separated to reduce accidental cross-environment misuse.
  • Operational events such as payment state changes and webhook delivery attempts are recorded to support traceability and recovery.
  • The product aims to reduce operational mistakes by making important data visible and sensitive data appropriately restricted.

Reporting security issues

If you believe you have found a security issue, contact hello@kryptopay.xyz.

More legal pages

Privacy PolicyTerms of ServiceCookie NoticeData Processing AddendumAcceptable Use PolicySubprocessorsBilling and RefundsRestricted Use Policy