Cryptocurrency is perhaps the safest instrument to transfer value between anonymous parties. But storing and trading cryptocurrency can be a risky affair. As a digital crypto-asset, it does not have to worry about the many usual issues vexing paper money but faces challenges unique to fintech industry.
The most popular way of storing cryptocoins is a software wallet. Digital wallets are easy to use and practical but how secure are they? If your hard-earned cryptocoins are stored on your PC, then your assets are only as secure as your computer itself.
Basically, protecting your software wallet is no different from safeguarding any sensitive data on your PC. You should be a bit extra paranoid when surfing the net and never store your passwords in an unencrypted file on the same machine as your wallets. Ideally, you should store your passwords offline or not store them at all (brain-wallets!) and install your wallets on a device you do not use for day-to-day browsing and downloading.
Another popular solution is Linux operating system, which is believed to be almost impervious to hackers and viruses. You don’t even have to install Linux instead of Windows, it can be booted on your PC when necessary from a USB stick.
Then there is cold storage. Cold storage takes security up a few notches and basically means keeping your altcoins in an offline wallet, effectively restricting any attempts of unauthorized access to it.
Cold storage wallet is usually created on a device that is never connected to the Internet, like an old offline laptop or a USB stick. Not many people know that a cold wallet can not only be maintained offline but can even be created offline. You do not need to connect the device to the Internet to install a wallet, generate keys and send the coins. Such wallets are perhaps the safest ones.
As far as offline wallets go, hardware wallets are the most convenient and secure solution. Hardware wallets are portable devices designed specifically for storing cryptocurrency. Basically, they are USB sticks with simple and secure software and several layers of cryptographic protection.
Now cold storage is great for storing your assets, but sooner or later you will need to move your coins online and that is when you face some completely different security issues.
Trading and purchasing
Emerging crypto-shopping requires us to find a suitable way of keeping assets online and easily accessible.
Many users create a “hot wallet” to take care of routine day to day transactions and a “cold wallet” to store the bulk of their assets, only occasionally accessing it. This approach was also adopted by many exchange websites. Even if you do not consider yourself to be a crypto-trader, at times you will need to exchange your cryptocurrency and dealing with exchanges is almost unavoidable.
Online wallets, processing systems and exchanges all have their security issues. Professionals believe that there are a few security measures crypto-traders should be aware of when choosing what online services to use, but also to remember that certain user end measures are absolutely necessary and usually more reliable in the long run.
Svetlana Geller, Livecoin.net CEO, says:
“Perceived safety and objective safety are two completely different beasts. Perceived safety can be reached by numerous account protection mechanisms. But in reality, this will mostly just hinder the account owner’s user experience. I believe google authenticator with just one IP in its whitelist (the VPN you use to access the exchange) will be enough. With this sort of protection, in place, your account will only be hacked if the perpetrator has full access to your PC and smartphone, which should be hard enough for an Internet-based criminal. You can slap 10 more protections on top of that but none will be nearly as effective.”
And of course, pay attention to your email’s security. “Always use unique passwords, protect your email with multi-factor authentication and so on, you know the drill”, Geller continues. “90 percent of all hacks are conducted via accessing your email and changing email in your account or attempting to recover your password. Also mind your smartphone, especially if it's Android with google authenticator installed. Ideally, you should buy a cheap smartphone specifically to be used for your financial activities and restrict your Google authenticator for exchanges to it. These two simple tricks will almost completely safeguard your assets from hacker attacks.”
Whether you frequently trade on the exchange or simply store some of your assets there to diversify risks, it is paramount to choose an exchange that will not only be convenient but also reliable and secure.
Exchanges, mostly being centralized entities, can get hacked. And often are. Moreover, they tend to sometimes dissolve into thin air along with the clients’ assets. Many times we have seen crypto-exchanges evaporating or crumbling in a matter of days. There were signs of course, but inexperienced users did not read them.
To name a few examples, the abrupt resignation of William Dennis Atwood, the sole director of MyCoin, should perhaps have sounded some alarms but in fact, it went largely unnoticed by the community. A month later the notorious Hong Kong exchange collapsed leaving behind many disgruntled users. The downfall of Cryptsy was perhaps even more predictable. For years this exchange experienced numerous technical issues and introduced questionable administration policies. Early in 2016, it proclaimed bankruptcy as a result of the hacker attack that robbed it of $7.5 mln. The court case that followed has shown that the owner has probably funneled exchange’s funds to his personal accounts too.
So what are the dark omens traders should be on the lookout for? Apparently, the crypto world is all about trust and reputation so industry celebrities and personalities with good karma in the community disengaging themselves from a project should be an alarming sign. Frequent technical issues and fishy policies are another obvious one. But as professionals say, there are just too many ways to spot a shady exchange so keep your eyes peeled for anything that seems out of place.
“There are just too many ways to spot a sketchy exchange given some of them employ very unsophisticated schemes. For example, an exchange suddenly crashes during intensive BTC price fluctuations and when it’s back up clients’ orders are mysteriously fulfilled at a disadvantageous price.”
According to Geller, Bitcoin withdrawal issues are always a huge red flag too. Altcoins might get stuck for months due to faulty nodes so their mobility is really not a relevant factor, but bitcoin’s low mobility is definitely a bad sign.
"‘Transparency is not always a clear sign. There has been quite a few fairly transparent exchanges that disappeared with clients’ money. On the other hand, there are numerous non-transparent exchanges that are well-respected and reliable, like BTC-e."
Slow response to user tickets is another sign, which while not being absolutely certain should still raise some alarms if frequent enough.”
Another tell-tale sign of a shady exchange is a seemingly uncontrolled influx of highly questionable altcoins. Some exchanges even get involved in ICOs and initial emission. And every time a new coin enters such exchange there will be pump-and-dump cycles which will most likely rip a trader off unless he belongs to an insider group. Exchanges with heaps of dead coins on their roster should be avoided unless you absolutely know what you’re doing.
Finally, don’t put all your eggs in one basket. Sometimes bad things just happen out of the blue but at least you will be able to greatly decrease your risks by diversifying them.