Is trezor.io legit?

75
/ 100
Mostly Safe
Industry: Crypto

Trezor.io appears to be a legitimate and secure platform, scoring 'Mostly Safe' due to its strong technical foundation and clear identity. However, prospective buyers should be aware of the aggressive discount claims and the use of non-reversible payment methods, which can sometimes be associated with less reputable sites.

Crypto average: 76/100 · based on 25 sites

Checked: April 18, 2026 at 8:28 AM UTC · Refresh

Is trezor.io a scam? Here's what we found.

Security 70/100

While the site boasts strong encryption, a valid SSL certificate (TLS 1.3), and is clean according to Google Web Risk, the high number of external scripts presents a potential, albeit currently undetected, vulnerability that users should be mindful of.

Identity 90/100

This is a well-established company with a domain nearly 12 years old, publicly listing its organization (SatoshiLabs Group a.s.) in the WHOIS, indicating a transparent and long-standing presence in its industry.

Reputation 70/100

The site benefits from high traffic and a clean standing on DNS blacklists. However, the presence of unusually high discounts could be a deceptive tactic, which somewhat detracts from its overall trustworthiness.

Transparency 70/100

The site provides clear contact information, legal pages, and a social media presence, which are all positive. Yet, the mention of irreversible payment methods flags a concern regarding consumer protections, potentially confusing customers about their recourse options.

Compliance 90/100

The presence of both a privacy policy and terms of service pages demonstrates a commitment to legal and user protections, which aligns with expectations for an established online business.

Infrastructure 95/100

The technical setup is robust, featuring modern DNS (Cloudflare), strong email authentication (SPF, DMARC), and HTTPS enforcement via HSTS, indicating a well-managed and secure backend infrastructure.

Signals Detected

[+]
Tranco Rank: Rank #9637

This is a well-known, high-traffic website

[+]
Structured Data: Found

Site uses structured data identifying itself as: WebSite

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[~]
Unrealistic Discounts: Found

Site advertises discounts over 70% — common in fraudulent e-commerce

[~]
Payment Red Flags: 2 flag(s)

Mentions non-reversible payment methods: bitcoin, wire transfer

[~]
External Scripts: 27 scripts

Excessive number of external scripts — may indicate malicious injection

[+]
SSL Certificate: Valid

Valid certificate, expires in 46 days

[?]
Certificate Issuer: Let's Encrypt

Certificate issued by Let's Encrypt

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
DNS Resolution: 4 IP(s)

Resolves to: 2606:4700:10::ac42:86f5, 2606:4700:10::ac42:896f, 172.66.137.111, 172.66.134.245

[+]
Email (MX Records): 5 record(s)

Mail servers: aspmx.l.google.com., alt2.aspmx.l.google.com., alt1.aspmx.l.google.com., aspmx3.googlemail.com., aspmx2.googlemail.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[+]
Name Servers: 2 server(s)

DNS providers: lucy.ns.cloudflare.com., jeff.ns.cloudflare.com.

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: DENY

[?]
Server: cloudflare

Web server: cloudflare

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
robots.txt: Present

robots.txt has 16 directives and references a sitemap

[+]
Branding: Complete

Site has custom branding and social media metadata

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
Domain Age: 11 years, 10 months

Domain created 2014-07-21T08:45:45Z (11 years, 10 months ago)

[?]
Registrar: Cloudflare, Inc

Registered through Cloudflare, Inc

[+]
Domain Expiry: 2028-07-21T08:45:45Z

Expires in 825 days

[+]
DNSSEC: signedDelegation

DNSSEC status from WHOIS

[?]
Sitemap: Not found

No sitemap found — common for smaller sites

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 4 platforms

Website links to multiple social media platforms

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[?]
Certificate Transparency: Unable to check

Could not query certificate transparency logs

[+]
Page Load Time: 73ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for trezor.io
<a href="https://verified.fyi/review/trezor.io"><img src="https://verified.fyi/badge/trezor.io?size=medium&style=full&theme=dark" alt="trezor.io trust score — verified.fyi" /></a>
[![trezor.io trust score](https://verified.fyi/badge/trezor.io?size=medium&style=full&theme=dark)](https://verified.fyi/review/trezor.io)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

Navigating the crypto space means being diligent about where you store your assets. Trezor.io, a well-known name in hardware wallets, presents a largely trustworthy profile. Unlike many fly-by-night operations in the crypto world, Trezor benefits from a long history, with its domain active for nearly twelve years, and transparent ownership under SatoshiLabs Group a.s. This level of longevity and openness is a significant green flag for a company dealing with digital security. However, potential buyers should still exercise some caution. When evaluating any e-commerce site, particularly in the crypto sector where scams are prevalent, be wary of 'too good to be true' discounts. Trezor.io advertises discounts over 70%, which is an aggressive marketing tactic that can sometimes be associated with less scrupulous vendors. Additionally, while common for crypto-related transactions, the mention of non-reversible payment methods like bitcoin and wire transfers, without prominent alternative options, could leave consumers with fewer avenues for recourse if a purchase goes wrong. Most reputable hardware wallet providers will offer a range of payment options to cater to diverse customer needs and preferences. Ultimately, Trezor.io's strong technical infrastructure, including robust security protocols and clear branding, suggests a legitimate operation. However, in an industry ripe with scams, it's always wise to scrutinize promotional offers and understand the payment methods being used. Ensure you're buying directly from the official site and not a phishing clone.