MetaCert is the best in the world at one thing:

Telling you which links are safe, and which websites you can trust.


20 Bn.

World’s biggest cyber threat intelligence system of URLs and crypto wallet addresses.


Of URLs analyzed and verified as safe.


Links analyzed every day.

2 Million+

Cryptocurrency enthusiast protected by our software.


Small to mid sized companies, and Cryptocurrency companies use our security software every day.


The number of people who have suffered a Phishing, Malware, or Ransomware attack since installing MetaCert.

W3C Standard

MetaCert CEO Paul Walsh co-instigated the W3C Standard for URL Classification.


MetaCert's patented phishing detection and prevention inside a mobile app WebView.

URL Classification is in our DNA

URL Classification is in our DNA

MetaCert Founder and CEO Paul Walsh, co-instigated the creation of the Standard for URL Classification / Content Labeling at the W3C, the Standards body for the World Wide Web in 2004. It formally replaced a Standard called PICS in 2009.

Paul’s research and development, in classification technology and the human behavior around visual indicators for web-based trust, are what lead to him founding MetaCert in 2011.

Enterprise Grade API

Enterprise Grade API

With just six lines of code, our Security API takes less than an hour for a developer to integrate inside any hardware device or software application.

It provides a light, but extremely powerful layer of security to apps by providing intelligence on 20 billion URLs. Our API can be used to lookup Malware, Phishing, Crypto mining, Pornography, News Reputation, and Verified as Safe categories.

URL Unfurler

URL Unfurler

Many dangerous links hide behind shortened URLs.

Our unfurling solution can get to the real destination of a URL after checking over 3,500 shortening services in less than 75ms.

Global registry

Our global registry of classified URLs is growing every minute of every day. Our registry covers websites, social media accounts, bots, apps, cloud storage, and pretty much anything on the web that has a unique URI.

How we verify URLs as safe

How we verify URLs as safe

Some of our techniques need to remain a secret. But suffice to say, it’s a combination of tools, bots, and people.

Our network effect is down to customers requesting new URLs to be classified as safe. And scale is achieved through our partners and resellers doing the validation work.

Digital wallet addresses

Digital wallet addresses

Threat actors don’t just use phishing webpages to scam people. They also use digital wallet addresses.

We were the first security company to classify digital wallet addresses as either fraudulent or verified as safe.

Our wallet address lookup API is designed for wallets, exchanges, and other companies that wish to protect their customers from crypto fraud while addressing their regulatory compliance requirements.

Machine Learning

Machine Learning

We use machine learning to help improve our ability to identify malicious threats on social media websites like Twitter.

For security reasons we’d rather not give more insight to threat actors as it would encourage them to change their tactics.



Cybersecurity is generally the last to play catchup with new technology and trends. This is why the security industry has yet to update their solutions to tackle the massive problem with malware and phishing that’s designed specifically for people who trade or invest in crypto.

MetaCert was very early in this space. Since eradicating phishing for the crypto ecosystem on Slack in 2017, we have built the strongest brand and reputation in the crypto world.

Our security tools protect more crypto companies and crypto enthusiasts than every other security company in the world combined.

How “Verified as Safe” works for user accounts

The “cabforum” GitHub account has been classified as safe. This means that every link to every file belonging to that account is also assumed to be safe.

Our browser-based security software, and all other applications that use our API, will display the Green Shield for every URL that belongs to the cabforum account.

If you opened a URL that purported to link to a Cab Forum GitHub file, and the shield was grey, you would know that this was a malicious attack that has gone undetected by other security systems.

Verified link

Why classifying user accounts and folders is important

As Proofpoint researchers have observed in the past, phishers and other threat actors can bypass whitelists and network defenses due to their widespread use of large consumer cloud storage sites, social networking, and commerce services such as Dropbox, Google Drive, Paypal, eBay, and Facebook.

Since at least mid-2017, phishers have also been abusing free code repositories on the popular GitHub service to host phishing attacks, as well as malicious files that can lead to malware and ransomware.



We own a family of patents that cover the detection of phishing, malware, and 25 additional categories, inside a mobile app WebView. They also include visual indicators for website identity inside mobile apps.