No. Bitpanda Enterprise Custody does not expose private keys to users through BE Custody Web or the Bitpanda Custody iOS app.
Users interact with custody workflows through authorised interfaces, configured roles, approval processes, and signing flows. They do not need to view, copy, export, or manually handle private keys as part of normal custody operations.
Why are private keys not exposed?
Private keys control the ability to authorise blockchain transactions. Exposing private keys directly to users would increase operational and security risk.
By keeping private keys protected within the custody architecture, BE Custody helps organisations reduce risks such as:
- Unauthorised key access
- Inappropriate sharing or storage of sensitive key material
- Manual handling errors
- Loss or compromise of private keys
- Weak separation between users and signing infrastructure
- Uncontrolled transaction signing outside approved workflows
How do users authorise activity without seeing private keys?
Users authorise activity through controlled BE Custody workflows.
Depending on the organisation’s configuration, this may include:
- Role-based access
- Transaction creation permissions
- Transaction review and approval
- Quorum approval
- Governance workflows
- The Bitpanda Custody iOS app
- Audit history and operational records
The exact workflow depends on the organisation’s custody model, user permissions, and configured approval rules.
Can users export private keys?
Private keys are not available for export through normal BE Custody user workflows.
If an organisation has specific requirements relating to key material, portability, migration, or custody model changes, these should be handled through approved commercial, legal, security, and operational review channels.
Do not attempt to extract, copy, or recreate private keys outside approved processes.
What about seed phrases?
Users should not receive, enter, store, or share seed phrases as part of normal BE Custody operations.
If someone asks you to provide a seed phrase, private key, recovery phrase, or similar secret in connection with BE Custody, treat this as suspicious and follow your organisation’s escalation process.
What should users protect instead?
Although private keys are not exposed to users, users still need to protect their own access and approval credentials.
Users should protect:
- BE Custody login credentials
- Email account access
- Approved devices
- Bitpanda Custody iOS app access
- PINs and local authentication methods
- API keys, secrets, and access tokens, where applicable
Do not share passwords, PINs, authentication information, API credentials, private keys, or seed phrases.
What should I do if I suspect key or credential compromise?
If you suspect that credentials, API keys, devices, or approval access may have been compromised, act immediately.
You should:
- Stop approving new requests
- Follow your organisation’s security escalation process
- Contact an appropriate administrator or security contact
- Contact Bitpanda Enterprise Custody Support through the approved support channel if support is required
Include relevant user, device, wallet, transaction, API, and timing details where available.
Do not include passwords, PINs, private keys, seed phrases, API keys, API secrets, or other sensitive authentication information in a support request.