On May 4, cryptocurrency exchange Binance launched a feature called "Withdraw Protection." This feature blocks all on-chain withdrawals from an account for a period of one to seven days, as reported in the exchange's blog.

By default, the lock lasts for the entire selected period and cannot be lifted early by either the user or the exchange's support team. For those who need flexibility, an early unlock option can be activated, requiring confirmation via a hardware security key and an authenticator app. Additionally, users can enable verification through phone or email.

“Most security recommendations in the crypto industry focus on digital threats. […] However, there is a risk that these measures do not account for—physical coercion. These are situations where a person is forced to transfer funds in person. Such cases are rare, but when they occur, the losses can be significant and irreversible,” the exchange stated in its blog.

Binance's Chief Security Officer, Jimmy Su, explained in an interview with CoinDesk that the company developed this feature based on patterns observed in practice. Su pointed out that users traveling to regions where owning cryptocurrency poses physical risks may benefit from this feature.

“They want to have a level of control where they can set withdrawal limits. If something happens, it gives them more time to recover,” he said.

During the lock period, the account remains fully operational—users can trade and manage their funds within the platform. The restrictions only apply to on-chain withdrawals.

How to Activate

In the mobile app: "Account Information" → "Security" → "Withdraw Protection." The default lock period is two days.

Source: Binance.

On the website: "Account" → "Security" → "Advanced Security" → "Withdraw Protection."

Source: Binance.

Additional Recommendations

Binance emphasizes that "Withdraw Protection" complements other security mechanisms rather than replacing them. The exchange recommends:

  • not publicly disclosing information about balances and trading activity;
  • using withdrawal address whitelists;
  • enabling biometric authentication;
  • setting up login via passkey—this reduces the risk of phishing and SIM swapping;
  • establishing an anti-phishing code—a unique eight-character code in every email from Binance.

As a reminder, according to a report by CertiK, the number of physical attacks on cryptocurrency holders increased by 75% in 2025, reaching 72 confirmed cases.