With its skyrocketing price, Bitcoin’s popularity has also hit feverish levels. Despite the mania, many newcomers still have no idea what kind of risks they face by improperly securing their investment. The most common of the “security sins” is leaving bitcoin on an exchange. Coinbase, perhaps one of the most reputable bitcoin exchanges, is insured against any hacks of their digital currency “hot wallets” – the online storage used to facilitate deposits and withdrawals of bitcoin to the exchange. However, they do not insure individual Bitcoin accounts against theft resulting from a compromised password. If a cybercriminal manages to get into your Coinbase account, there’s nothing to protect you from losing everything.

Due to the almost anonymous nature of bitcoin, many cyber-criminals have switched their focus from hacking traditional financial institutions to hacking bitcoin accounts, as the funds are much harder to trace and recover, and their risk of getting caught is far lower. Aside from hacking, holding bitcoin on an exchange means trusting the exchange to stay solvent and honestly report any security breaches. Those who followed bitcoin in the early days remember the Mt. Gox incident, in which hacking combined with mismanagement and fraud caused the exchange to collapse in 2014. In the process, the company lost millions of dollars in customer money. These combined factors mean those who continue to hold bitcoin or any other cryptocurrencies on an exchange face increased risks compared to traditional trading accounts.

Ransomware, depicted above, holds a user’s computer hostage until a fee is paid. Often the fee is paid in cryptocurrency.

To offset those risks, savvy ‘bitcoiners’ can run programs on their computers that store their bitcoin offline, acting as personal “bitcoin banks” sheltered from the threat of hackers. While this is the preferred alternative to holding bitcoin on an exchange, a little more technical knowledge is required to set up and use these programs. Running one of these programs, which are referred to as “software wallets” in the crypto community, is considered to be the bare minimum level of security a bitcoin owner should have. If storing bitcoin on an exchange is level 0, meaning it’s completely insecure, then software wallets are considered level 1. Software wallets offer decent security, as long as the computer they operate on is not compromised.

Continuing this analogy, level 2 would be hardware wallets. A hardware wallet is a physical device with a specialized chip designed to house bitcoin keys in a secure manner. When using the device, the secret keys never leave the chip, and sending bitcoin requires one to plug the device into an internet-connected computer and enter a secret passcode. However, even these “safe” mechanisms of storage have drawbacks. A Turkish man who had been flaunting his bitcoin wealth on social media found himself on the receiving end of “rubber-hose cryptanalysis” – a euphemism for extracting cryptographic secrets, like passwords, by using torture or coercion. While gang kidnappings may not be as big of a problem in the U.S., the threat of bitcoin burglary remains real.

Displayed above, a Trezor hardware wallet sending a transaction.

As one descends deeper into the “levels” of bitcoin security, a trend begins to emerge: the trade-off of convenience for security. There is a varying degree of security that makes sense for everyone. For example, a crypto trader might leave a small percent of their assets on an exchange, knowingly taking that risk because they make frequent trades, and constantly moving assets from the exchange to another wallet would not only be cumbersome, but would rack up sizeable transaction fees over time. The average person might be satisfied with a simple software wallet, but what does a company like Coinbase, which has to safely hold billions of dollars’ worth of Bitcoin, do?

It turns out Coinbase must employ the facilities that bitcoin evangelists claim are destined to be taken down by cryptocurrencies: banks. Enter, security level 3. Directly from their website, Coinbase states, “98% of customer funds are stored offline… we distribute bitcoin geographically in safe deposit boxes and vaults around the world.” So how is a digital currency like Bitcoin stored in a physical vault? Before being stored in the vault, Coinbase adds extra layers of security by splitting and encrypting the private key data. The encrypted data is then transferred to a USB device, which is then placed in a bank vault similar to other physical items or currencies of high value. Paper backup copies are also made and secured in a vault. Yes, you read that correctly. The largest bitcoin exchange in the U.S. still uses paper. Even the effortlessly digital nature of Bitcoin can’t escape the realities of the physical world.

Our recommended storage for any amount of cryptos that you or your family can’t afford to lose is security level 3 mentioned above — encrypted on a FIPS 140 compliant USB drive stored in a safety deposit box with backup USBs stored elsewhere.

Have a crypto question or request? DM us on Twitter @bespokecrypto.
