Security
Help Center
Scams and swindles: how to spot them and protect yourself?
Before any interaction, we invite you to ... Read more

Before interacting with any new person or entity, please check that they are registered or approved with the regulatory authorities, such as the AMF (Autorité des Marchés Financiers) in France. The list of PSAN (Prestataires de Services sur Actifs Numériques) entities can be viewed here.


In general, you can visit this link to find out more about the risks involved and how to protect yourself against them. You'll also find a number of contacts to help you.

Crypto-assets are being democratized and now reach a wide audience. However, certain aspects of this technology remain little-known, and some fraudsters can abuse it to steal funds. It's important to remember that any investment involves risk, and that it's essential to understand the basics before taking the plunge. To help you learn more, there are many specialized articles and videos available online. Always check the information you find to make sure it's accurate.

If you have any doubts or questions, don't hesitate to contact us by ticket or at [email protected].

Am I the victim of a scam?


The first step is to ask yourself these questions:  


- Are you being offered an investment with high returns?
- Are you dealing with someone who is offering you an investment that few people know about?
- Have you been approached by someone you don't know, recommended by a relative, contacted via a social network or after leaving your contact details on the Internet?
- Does the person you're interacting with sound attractive? Do you have regular contact with them?
- Does the person encourage you to make a quick payment? Are you in a hurry to complete any steps or procedures?
- Are you being asked to pay a large fee to start using a service or to receive your funds?
- If you've previously been the victim of a scam, has someone posing as a collection company contacted you?


If the majority of the answers to these questions are positive, or if you lack information, we invite you to be very vigilant and to contact us.

A few best practices


To help you avoid scams, we invite you to read the following recommendations:


- There is never any urgency when it comes to your money: urgency lowers your attention and mistakes can be made. The more pressure you're under, the more vigilant you need to be. Scammers play on this sense of urgency by calling you several times a day, sometimes even threatening penalties;

- An investment is strictly personal: for your own safety, never accept guidance by telephone or screen-sharing software;


- Do not respond to messages from strangers (SMS, e-mail, Whatsapp, Telegram, Facebook, Messenger, Instagram, TikTok, etc.): if an individual or entity contacts you claiming to have found funds intended for you, or presenting products with high returns, we invite you to be very vigilant. Fraudsters regularly use this pretext to charge you fees and services associated with the recovery of gains (processing fees, conversions, blockchain fees, commissions, etc.);


- Do not share your personal information with strangers: under no circumstances should your login or password be shared;


- Activate 2FA (2-factor authentication) on your account and mailbox: this is an effective way of preventing third parties from accessing and controlling your accounts;


- Search for reviews on the Internet: this can give you information about a service and verify its legitimacy before using it;

- Check the legitimacy of the person contacting you: to gain your trust, scammers sometimes assume the guise of well-known entities such as the AMF, exchange platforms like Paymium, your bank or other authorities such as law enforcement agencies (Police, FBI, Interpol, etc.). If in doubt, you can contact the entity concerned directly via its website or official telephone number;


- Always check the sender of your e-mails, and never click on a suspicious link: some scammers double, modify or delete certain letters to pass themselves off as legitimate organizations: Ex: Paymiium or paymium.cc


- Remain vigilant about comments or help given on forums: we invite you to stop all contact if some people ask you for confidential information or ask you to carry out operations against your interest;


- Ask as many questions as you need to: if the person remains vague or simply reassures you without answering ("We're professionals", "Don't worry", "This is the procedure", etc.), please be very vigilant.

With you every day


Since 2011, Paymium has been supporting you and ensuring the security of your funds on the platform. If you encounter a situation similar to those listed above, you can contact us at any time by ticket or at [email protected]. Our teams will support you and can provide assistance or information if you have any doubts.

What are the best practices in terms of security?
You will find below some best …Read more

You will find below some best practices to maximise the protection of your Paymium account, your mailbox and your crypto-currencies.

1- Please never communicate your Paymium account password.
Paymium will never ask you for it.

2- Your mailbox enables you to validate your outgoing Euro, Bitcoin and other crypto-currencies transfers.
Validation by email is a fundamental security element. Therefore, you should pay attention to the security of your mailbox.
- Use a different password for all your accounts (Paymium, mailbox or others...),
- Use complex and long passwords (more than 8 characters), incorporating capital and small letters, numbers and special signs (@ ,$ ,! ,% ,* ,# ,? ,& ,- ,/ ) for your mailbox and your Paymium account. You can also use a password manager to generate and store long, complex and unique passwords,
- Install a Two Factor Authentication  (Google Authenticator or Yubikey) on your applications, also called 2FA. On Paymium, you can install it by going to the 'Security' tab of your 'Profile',
- Install a 2FA on your mailbox,
- Never communicate your passwords and store them offline.

3- Make sure you do not leave any documents in your mailbox (outbox, drafts and trash), especially your identity documents, selfies and proof of residence or income.

4- Generally, we strongly recommend that you do not keep your crypto-currencies on the exchange platforms or just a minimum for your daily transactions.
It is better to store them offline on devices for which you own the private keys.
Make sure you never store your private keys on a device connected to the internet or another network.
If you buy a hardware wallet, make sure you only do so from the supplier's official website.

5- Beware of 'phishing': we invite you not to click on links coming from unknown addresses and persons.
Always check the URL (https + domain name) of the site you are connecting to.

6- Your crypto-currency purchases should be personal.
Do not let anyone take control of your various accounts.
Please do not send funds to a third party to invest for you, especially if they create an account in your name.
Only make purchases in cases where you are in control of the entire process.

7- Do not hesitate to encrypt your communications and documents. Read this article to find out more.

Where can I find my private keys?
You do not have access to your…Read more

You do not have access to your private keys.

They are kept offline for maximum security.

However, we offer free unhosted wallets creation service.
Please read this article to find out more.

What would happen to my crypto-currencies and my Euro funds if Paymium stopped operating?
Your Euro funds are kept by ou…Read more

Your Euro funds are kept by our banking partner.

Your crypto-currencies are kept by Paymium.

And your euros and crypto-currencies are not invested.

If Paymium were to stop its activities, an administrator would take care of the management of the customers' funds.
Concerning your euros, you are insured up to €100,000 by the Deposit Guarantee and Resolution Fund (FDGR).

What is a 2FA?
Two-factor authentication (2FA…Read more

Two-factor authentication (2FA) is an additional security measure.

An example of a commonly used 2FA is Google Authenticator. You can also use a Yubikey on Paymium.

Google Authenticator
Google Authenticator is an application to be installed on your smartphone that generates new codes at regular intervals.
The codes are 6 digits and are to be filled in after entering your email address and password.
We strongly recommend installing it on Paymium and your mailbox to maximise the security of your accounts.

You will need to download the application and follow various steps. You will find all the details by following this link.

To activate it on Paymium, please log in to your account and go to your profile to the 'Security' tab.
Please click on 'Activate' and then scan the QR Code on the screen or enter the code manually (you will find it under the QR Code).

Once your 2FA is recognised, please enter the 6-digit code found on your application and click on 'Validate' to confirm the installation.

Notice to Authenticator users developed by Google:

Following the recent Google CloudSync update, it is now possible to synchronize your 2FA keys across your various Google-connected devices.

We do not recommend this feature, as it does not enable end-to-end encryption, which could expose your keys and compromise the security of your account.For security reasons, we advise you not to synchronize your 2FAs across your various devices.

How do I disable this feature?

1. Open Google Authenticator → click on your profile

2. Select "Use Authenticator without account".

3. A reminder window appears, click "Continue".

4. Return to the home page and confirm that you have deactivated Cloud Sync.

How to install a 2FA?
Please download a 2FA app., su…Read more

Please download a 2FA app., such as Google Authenticator and follow the different steps.

You will find on this link all the details to download and set up Google Authenticator.

To activate it on Paymium, please log in to your account and go to your profile to the 'Security' tab.
Please click on 'Activate' and then scan the QR Code on the screen or enter the code manually (you will find it under the QR Code).

Once your 2FA is recognised, please enter the 6-digit code found on your application and click on 'Validate' to confirm the installation.

Notice to Authenticator users developed by Google:

Following the recent Google CloudSync update, it is now possible to synchronize your 2FA keys across your various Google-connected devices.

We do not recommend this feature, as it does not enable end-to-end encryption, which could expose your keys and compromise the security of your account.For security reasons, we advise you not to synchronize your 2FAs across your various devices.

How do I disable this feature?

1. Open Google Authenticator → click on your profile

2. Select "Use Authenticator without account".

3. A reminder window appears, click "Continue".

4. Return to the home page and confirm that you have deactivated Cloud Sync.

How to deactivate my 2FA?
If you are able to log in to y…Read more

If you are able to log in to your account
Please click on the drop down menu in your profile and go to 'Profile' and then 'Security'. You will be able to deactivate your 2FA at the bottom of the page.

If you are unable to log in to your account
Contact us at [email protected].

I have the error message 'Invalid or expired Google Authenticator code'.
In most cases, synchronising y…Read more

In most cases, synchronising your Google Authenticator application will solve this problem.

If you are on Android
Please go to your Google Authenticator application and then to your settings on the top right of your screen.
Please click on 'Time correction for codes', then 'Synchronize'. Then try again to enter your Google Authenticator code on Paymium.

If you are on iOS
Please go to your phone settings, select 'General' and then 'Date and Time'. In this section, please click on 'set automatically'.
If it is already selected, deactivate it and then reactivate it. Then please try again to enter your Google Authenticator code on Paymium.

If this does not work, please read this article.

What is a YubiKey?
A YubiKey is a physical device…Read more

A YubiKey is a physical device with a USB tip that plugs into your computer.
It can have several functions including generating a secure code.

A code is generated each time you press the button.

The YubiKey provides two-factor authentication.

How to install a YubiKey?
Please log in to your Paymium …Read more

Please log in to your Paymium account and go to the drop down menu, then select 'Profile' and 'Security'.
Finally, please plug your YubiKey in the USB port of your computer and activate your YubiKey at the bottom of the page.

How to deactivate a YubiKey?
There are 2 options:…Read more

There are 2 options:

- If you are connected to your Paymium account, please log in to your Paymium account and go to the drop-down menu.
Then, please select 'Profile' and 'Security'. You can then deactivate your YubiKey at the bottom of the page,

- If you are unable to log in to your Paymium account, please contact us at [email protected].

How to encrypt a document?
You will find below the public key...Read more.

You will find below the public key to encrypt your information with Paymium:

-----BEGIN PGP PUBLIC KEY BLOCK-----

mQINBF37v2cBEACiQajh7gE2gsESBbl1qDu9kcztGGu9DCdhEGjR4jbYyOuKIxakN68sdgtxCS6stYf4N
zzxoxY1OCjIZMTS+WVyZoVwJyCyZCo2/wwNp4F4y4Sry/eAHtImYEvTbqm18KSGrsVrj8wbHgQtAOyt
owbQbAjpCtY7WlQvc4HeAMm9ZZJE13buRhaFuHTUFdAZ3g48MeQ5K/91Lo7eBqqwTNxawqIXv9Fc4
7tnDtNJgUjiNlOUVx5jydHMVGWuUnuWXPzsZ8KsRDYkMffoRFj/kRYW+aJDh7iDA9cHJA4sZrnwEpRh
5NRqzOjsrqUKe2BxXCJpVgnrTdT7xO4denX6F6yaTC6Vk+GDBl0fr7XshObT16wCf7dKu3unZWULayri
NPufTbZFe6JysvxBze14ztathlKJ94mvfBl6jTnKC5UxzxuIxY9cmYgC1dqTfHBNo11AfZfeBZU5Se1q4W0
ub4RWW2URR5vX31h7OFu/S/8oQZvYN2eOIQ83XZm287XB1GpZW+TyQvpF5lXk5P1OjibnaeTrdx9R04
Un+okxpVqpAFzcNLYaOY641o+L9HHgtlCXj0uG4TOOquJwRjrh5RSAjQOx6fCjcE1syEZ4fBP546HT4ae
Sg6w3hFfhqu6EByN/hwU86kwlBntowpRWpfgnILUv2R+1fs+ZmmDxXvb+jQARAQABtCVTdXBwb3J0IF
BheW1pdW0gPHN1cHBvcnRAcGF5bWl1bS5jb20+iQJUBBMBCAA+FiEE1S5NIq7j6SJhUFW4ULLm8bO
MR5gFAl37v2cCGwMFCQeGH4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQULLm8bOMR5glc
g/9Hk2jUaZ16vPpSJc7wxp3vJxaixFE3ZcAU/15CasP6sfhpA1x9a/0GiVnwvWQThbDvRRrG70OygDllqu
HO8efdsQkgFdIdX1Fw2TVUwJSzqBBVIkV1y5ByPcIEy/MudnFtXr4i5Oh1zKgH2GO3eJX/e3HOLQSN7z
BlEZGA2NN6ElXUwZK7u6m8XNIey9ytWLOAYGb8aV9DBuVgl4lOSPtBotjtNQ4dIwVDffxAeBdgl1K9dha
oa80NRa7bMIU2Y0encQwRS69/iesFHwB31p+XrQVsDfz4aSycFccKv16L/jM8+Xm6vqZ6uiP7n/8x6n15
k+y8Agn7IkuQR4Wr8vn81c5HFK1ieNoMxtXW/ioMAmilhtOeyT9w6iFoVZGZOtKS0RtQLleW1PunCoCPr
1lKNhtrpsPP4kEaKW+e9IR4ZicgwsI45PiGSAdDrXY1WH0y7kfo6QdjP4LUfVF9fbFQko+jPg5JeXM5Vbl
2FY7T0yaS6I7i+n0oogTKXZpisC1Eh9OqVAd8LDHZhuqQL7oLRwG8D8c1oq0t7oxJSLsGUizyCDdrb8u
x4mqMOoy0MXDPFK/cKuWjew8f44ZabdmuUIepWAM+1ApNJ809DkslTgsSdSeOb/PtOU0WxkeH7i1W
87V9uXW3tMlS0LtIDLQruRksfXAxK67ruMgdX6Kpvq5Ag0EXfu/ZwEQAMA59fheD/9sTqNaNre3nIN2F
KRLcPnpJuijxL6yiL4s8fy+mLYiei79qIRGK4gP1PB8Rj7pyM5336sRjFN2vP1Cv616dC+sKPKuOTKmQs3
ckfvXWh3OcgPTybDcBv7aeK3fgADng+i9l64UBVgL/5fz4F2m3i2MEwM87XmM9/WGsFcZxccsJBi1mc
up96Dl4qd+YHeP4S7IEi+xZHFOSagG+4Y+AJpPtY7uR9yIrsCfd6lvpDWdWZ5B8M9P7e7Fcye7TYxoxf
esSKEvgxt/5PaenCbRykBUdKXTGgmApxcDNAybuyLjseIVVHq8iIcwi2G7RxXlGyFEf3tDxY0zXJ5bjJ9E
peBbl6/+PtflOGKl9SGCRgYhXluKmpXmRUD0nL0NiopRaKvPAxjQTSvRCm+dWRU4zFlrsFXXAlxjSv8d
dEW8K7X0dGfbyG0zRLeYco7JLbNMuqR7P3Dq6z10OWeDgG8QhxBE36tuCwgqJ+2VcRMPIqFjV1Yx
Yw/6m82M6WMp/vEneFAbHwWY8ibN4jNkuS0tdEhFyZJGg68Cf7Ol7nz3S21qrKVX3jOPZHtmSrNOJ
vobhL8WYXfSRw54FOfHFuIxdBfOvcjWJqFdSbM3AnD1bIeZTtLqTlR1VlRitbgU5wHdo9A60clK5a16Uv
91XqVICC0cJUFjk7Toe0IvABEBAAGJAjwEGAEIACYWIQTVLk0iruPpImFQVbhQsubxs4xHmAUCXfu/Z
wIbDAUJB4YfgAAKCRBQsubxs4xHmGIXEACArXHAE8v0E7+0qpAqj9J39M8KD1D+AdYhy28kU7RIW
Lbz1JZGidZxLY9nBJL9OauZefYIxEI1Ys6SJPBh6+PjSCJxtwVLfop9ivkOv1JiZM5ZsUF6n/3lFYApk/FG
vIkMtW8YiOqAVSySk3brr96lFCo6AbHwgjXZH7p7wyRxLaQKy+wD0IQdRlpMrL0RBxouZofbDyywqvr
EgKKoIuvDIvmxd+QOEjF2kxbs2FrlA6z8XDjCIqRpVwDbN8BSbl6i+LgK0MQBWxrC3ZJ3lfFhCf0ZJen
8SNlxo7e3rI5/Q/ScC/9mZuxcBNlzwpqyJjXSNwF/oarVO3AD+zRH+R68pAcrlN83FYhnW9hAcmu/13q
Rys58aZKOXHdqRmSC/N9s3pcWNLQPHP61N0/GK5u/rbpq7iqH48oueL8GFhCAFrAgLUsPC4paKZ8
iGts/fOZ/KfdR2+nJgcqwEiYOy744keFo/XpQ6h1QnX2V3kF03OdgCWu8+OoGrfW+7ge5PpMI9lvucyt
zPZPedECfWtpTwzb3Gwb+xLMlJ8wgOW0MywQ5zZN0tepFDl8efB/IEQkYGINOnwC6r3MDkebW2S
wXznZnb18/ajjpxUzv6UXQYyt6Cx/QrGcd3457I3naGe8poR2O2TSaRCAtNdqr7+mdGdT9K5VLX6KY
AWqE6MBlPQ===ddFA

-----END PGP PUBLIC KEY BLOCK-----


How to encrypt your communications with Mac ?

We strongly recommend encryption of your communications in order to guarantee their authenticity, integrity and confidentiality.

To encrypt your documents on a Mac, you first have to install PGP Suite. You will find the software by following this link.

Once downloaded, click on 'Install' to start the installation.

After accepting the terms of use, we recommend that you customize your installation by clicking on 'Customize' and unchecking the various 'GPG Mail' tabs.

Once installed, you can generate a new key pair. To do so, please click on 'New'.

It will be necessary to fill in the name, the email address linked to your Paymium account and the password.

We recommend a password of more than 8 characters including upper and lower case letters, numbers and special characters ($, &, -, !, %, etc.). Please save your password in an offline location that only you will have access to. You will not be able to retrieve your password if you lose it.

Please click on 'Generate Key' to generate your key pair.

After that, you will have to search for the public key of [email protected]. To do this, please click on 'Key search'.

Please enter the email address [email protected] and click on the 1st tab, which was created on December 19, 2019. Otherwise, please fill our fingerprint (D52E 4D22 AEE3 E922 6150 55B8 50B2 E6F1 B38C 4798) to be able to find our public key.

You can now encrypt your communications with Paymium. Please right-click on your document or text and click on 'Services' and then 'OpenPGP: Encrypt File'. You will then need to select [email protected] as the recipient and enter your password.

Files must be sent to this email address, otherwise they cannot be decrypted.

A new document will be generated. Please select it and send it to [email protected].
We will reply to you as soon as possible.


How to encrypt your communications with Windows?

We strongly recommend encryption of your communications in order to guarantee their authenticity, integrity and confidentiality.

First of all, you will have to download the software by following this link.

As the software is linked to a free protocol, you will have the possibility to make a donation. This is not necessary to continue. If you do not wish to make a donation, you can select $0 and click on 'Download'.

Once the software is downloaded, you can start and follow the different steps of the installation. Only 'GnuPG' and 'Kleopatra' are required for our tutorial. The other options are optional.

Once installed, please open Kleopatra and click on 'New Key Pair'. You can select a name and the mailbox linked to your Paymium account.

We recommend a passphrase of more than 8 characters including upper and lower case letters, numbers and special characters ($, &, -, !, %, etc.). Please save your passphrase in an offline location that only you will have access to. You will not be able to retrieve it otherwise.

Your key pair has been successfully created. There are several options for saving your key pair. Please click on 'Finish'.

In order to send us files, please first click on 'Lookup on server' and then [email protected] or our fingerprint (D52E 4D22 AEE3 E922 6150 55B8 50B2 E6F1 B38C 4798).

Files must be sent to this email address, otherwise they cannot be decrypted. Please select the line with the name 'Support Paymium' and the email '[email protected]' (you will find the right address thanks to the fingerprint above).

You can then encrypt your file by clicking on 'Sign / Encrypt' at the top left.

Please select your file and fill in '[email protected]' next to 'Encrypt for others'. Then click on 'Sign / Encrypt' and enter your passphrase to complete the operation.

It will also be proposed to protect the document with a password shared with Paymium. It is not necessary to protect it, otherwise we will need the password to open the document.

Once this has been done, please select your encrypted document and send it to [email protected].

We will reply you to as soon as possible.

What is an unhosted wallet?
A crypto-currency wallet is... Read more.

A crypto-currency wallet is secured with a public key (needed to generate addresses that you can share to receive funds), and a private key that enables you to sign your transactions.

An unhosted wallet is a wallet where only you have the private key. You are therefore sure that no one else has access to your funds.

Alternatively, when you store your funds on a platform, the private key is held by the platform.

At Paymium, in addition to taking care of your crypto-currencies for more than 10 years, we also give you the possibility to keep your funds on an unhosted wallet.

In fact, we recommend that our users who want to keep their crypto-currencies on the long term keep their keys themselves.

Paymium is committed to the best practice in securing your assets.
- We store 98% of your funds in cold wallets (not connected to the Internet),
- We keep them in full reserve (the total amount of each client's deposits is available for immediate withdrawal),
- We do not invest them in hedge funds.


How to create an unhosted wallet on Paymium?

How do I restore my unhosted wallet?

How do I restore my unhosted wallet?
Once you have created... Read more.

Once you have created your unhosted wallet on Paymium, please install the Electrum application from this link.
Electrum is a free software to restore your unhosted bitcoin wallet and access to your funds.

Please follow the steps on Electrum:

1- Click on File then on ‘New / Restore‘ and select ‘Standard wallet’, then click on ‘Next’,


2- Select ‘I already have a seed’, then click on ‘Next’,

3- Enter your 12 words delimited by spaces, then click on ‘Next’,

4- Select 'BIP39 Seed', then click on ‘OK’,

5- Check that the checksum is ‘OK’ and click on 'Next',

6- Select the legacy address type, choose the derivation path ‘m’ (delete the pre-existing path) and click on ‘Next’.

7- Select the legacy address type and click on ‘Next’.



That is it, your portfolio restoration is complete!

How to create an unhosted wallet on Paymium?
From your computer... Read more.

From your computer, please login to your dashboard.
Click on ‘My unhosted Wallets’, then on ‘Create a new unhosted wallet’ and follow the 5 steps below.

1- Wallet details

Please read the instructions and the precautions to take.
Then, you will have to fill in the various information requested and click on ‘Generate a wallet’.
As you have seen, you can also offer an unhosted wallet. To do so, simply check the box ‘I want to offer this wallet as a gift’.

2- Template

You have the possibility to add a comment about your unhosted wallet. This comment will be displayed on your Paymium account next to your unhosted wallet address.
Then click on ‘Download in PDF’. We recommend that you print this sheet of paper to keep it cold (offline) for maximum security.
The private key for your unhosted wallet is given to you as a string of words, which is easier to remember.
Follow the instructions carefully, including writing down the 12 secret words on your sheet of paper.

These 12 words are generated only on your computer using the Bitcore javascript library. Paymium never has access to this sequence of words.

3- Seed save

Select the 12 words in the correct order to validate the creation of your unhosted wallet.

4- Seed verification

Once the words have been filled in correctly, your unhosted portfolio will be created.

5- Success

Please confirm your withdrawal request by email or make a crypto-currency transfer to your new unhosted wallet.
The address of your wallet is available in the tab ‘Unhosted Wallets’.

We remind you that in case of loss of the private key, any crypto-currency hosted at this public address will be inaccessible and our team will have no way to help you.


How do I restore my unhosted wallet?

Sorry ! We didn't find any result to your search...
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.