Learning Center

Protect your investments: How to keep your cryptocurrency secure

By September 10, 2018 September 21st, 2018 No Comments
A side view on a shield with the word "Cryptography" written on its side. The shield is laid out on a surface with encrypted data.

A side view on a shield with the word "Cryptography" written on its side. The shield is laid out on a surface with encrypted data.

In 2014, crypto exchange Mt. Gox—at the time the leading Bitcoin exchange, responsible for 70% of all Bitcoin transactions—lost $460 million worth of its users’ bitcoin to hackers, resulting in the company’s bankruptcy. This was the second time the exchange was hacked; a hacker raid in 2011 captured $8.75 million in bitcoin. In hindsight, perhaps the fact that Mt. Gox started as a website for trading Magic: The Gathering Online cards (Mt. Gox is an acronym short for Magic the Gathering Online eXchange) should have been a warning sign that the company was in over its head when it came to managing a complex financial exchange.

Mt. Gox may be the highest-profile hack, but it is far from the only time a crypto exchange lost its users’ money; Bithumv and Bitfinex are two other major exchanges that surrendered tens of millions of dollars worth of crypto to hackers, not even to mention all the smaller firms that have suffered smaller scale hacks. The trouble with Mt. Gox and other firms should serve as a cautionary tale about leaving your digital money’s safety in the hands of an upstart company, and underscores the importance of taking your own steps to protect your investment.

Unfortunately, keeping your cryptocurrency secure entails far more than simply pulling your money from an exchange. Hackers can target individuals just like they target exchanges. Individuals usually make for an easier target too, especially for malware. A trojan called CryptoShuffler stole thousands of dollars by spying on Bitcoin wallet addresses stored on copy/paste clipboards. Major phishing scams like the automated transfer system MEWkit have stolen crypto by mimicking the login pages of popular wallets, stealing users’ wallet details and draining their accounts in seconds.

This may make cryptocurrency sound scary, but keeping your money secure isn’t difficult once you learn the principles of crypto security. Once you understand how crypto is stored and sent, protecting it becomes a simple matter of choosing a preferred method of protection and remaining steadfast in taking the steps to keep your crypto safe. For a guide to cryptocurrency, check out our rundown on blockchain technology and cryptocurrency history.  

 

Decentralization and Vulnerability

Close up on an artificial CPU with circuitry and a "Security Breach" message and an open padlock displayed on top of it.

The decentralized nature of cryptocurrency is a mixed blessing. On one hand, crypto keeps money out of the hand of a single controlling body like governments or corporations and provides for more security and anonymity. On the other hand, you lose the extra safety you sometimes receive from using government-backed, or fiat, currency. Because cryptocurrency is not legal tender, it is not backed by the FDIC protection extended to deposits in US banking institutions. Therefore, the onus falls on the individual to protect their money.

You will find a plethora of options for protecting your cryptocurrency, from exchange-provided digital wallets all the way down to pieces of paper. To pick the right options for you, it helps to possess a rudimentary knowledge of how cryptocurrency security actually works—how it is stored, how transactions are enacted, and more.

 

The Keys to Understanding Crypto Security

A digital interface showing a folder with cryptographic hash data written in hexadecimal computer code. A golden pixelated key is lying on it. This image represents a conceptual design in the domain of IT, cyberspace, cyber security, global communications or similar industry sectors. The image is a made up 3D concept render.

Just like fiat currency, cryptocurrency uses wallets as its storage medium. The term “wallet” takes on a different connotation when talking about cryptocurrency though. Your crypto itself is not actually stored in your wallet; crypto only exists in the form of transaction details decentralized across the blockchain. Instead, wallets store the addresses through which you send and receive cryptocurrency in the form of two types of keys. Keys are long strings of numbers representing the addresses of a user’s wallet. The two types of keys are private keys and public keys.

Private keys give you full control over your wallet. They are used to retrieve crypto sent to you, as serving as a digital signature that verifies your outgoing transactions as authentic. Private keys are sensitive and should be kept to yourself; if someone else obtained it, they would gain total control of your wallet.

Public keys point to your wallet and let others put currency in it. They are used to ensure that you are the owner of an address that can receive funds. Public keys are derived from the private key information, though it would take the most advanced supercomputers trillions of years to solve the advanced cryptographic security that protects the private key. That means that while anyone can deposit into your wallet, no one can look into it.

The Transaction Process

Close up on a padlock lying on a blue carbon fibre surface. The padlock is locked, with a digital key inserted and displays a glowing OK symbol.

If the idea of public and private keys is still a bit confusing, it helps to know how they actually work in a transaction. First, the sender encrypts the transaction: just like sending a letter in the mail, the sender lists the address of the recipient (the public address generated by the public key) to ensure delivery to correct destination. When the mail arrives, the recipient uses their private key to decrypt the transaction and access the cryptocurrency, like how someone would use a key to retrieve their mail from a P.O. Box. This underscores why keeping your private key secret and safe is so essential. If you lose it, and someone else obtains it, you not only lose access to your cryptocurrency but also give access to someone else.

Choosing the Best Wallet for Your Cryptocurrency

Crypto wallets like Archos deliver safety from hacking by being disconnected from the internet until in-use.

To reiterate, your private and public keys are stored in a wallet. As the cryptocurrency field continues to grow, so do the number of wallet options  All of these options can be classified as one of two storage methods: hot wallets or cold storage. A hot wallet is a device connected to the internet. Cold storage (also commonly referred to as a cold wallet) is a device that is not connected to the internet.

 

Hot Wallet Options

A desktop wallet is a wallet you download and install on your computer. It is imperative that you ensure your computer is free of viruses and other malware before setting up a desktop wallet, otherwise you risk forfeiting your keys to hackers. Also, desktop wallets are generally left connected to the internet, so it’s recommended that you keep your computer up to date with the latest security and anti-malware updates. A hardware failure would result in losing access to your wallet, so use a reliable hard drive or solid state drive, and make backups.

Online wallets are hosted on a website. They run in the cloud, and link to a login that can be accessed from most internet-capable devices  Online wallets can be convenient, since you can log in and easily access them from almost anywhere, and you don’t have to worry about losing a device. However, using the online wallets from exchanges is risky since there is a precedent for hacks, like the aforementioned Mt. Gox debacle.

To hedge against the risk, some exchanges like Coinbase offer 100% insurance on your holdings in the event of the event of a breach. In addition, Coinbase holds 98% of customers’ funds in offline storage as a further precaution. Another potential problem with online wallets is that the website owner could be running a scam where they access and take your money, so be sure to use a wallet with a trusted reputation.

Mobile wallets are smartphone apps optimized for making in-store retail cryptocurrency payments. If you opt to use a mobile wallet, take good care of your phone since the encryption keys are stored there; losing or breaking your phone means losing your money. Still, mobile wallets are generally considered more secure than online wallets, because they don’t store your keys in the cloud. If you want a simple and convenient portable wallet, mobile is one of the best ways to go.

 

Cold Storage Options

No, “cold storage”  doesn’t mean putting your private keys into cryogenic freezing (though that would maybe make them pretty secure too). As mentioned before, cold storage is the term used to refer to offline cryptocurrency wallets that are mostly kept offline, out of the reach of hackers.

Hardware wallets are the most common and one of the most secure cold storage options. Hardware wallets are designed to spend most of their time offline and usually only connect to the internet to enact transactions. Hardware wallets typically require you to create a PIN for entering on the wallet to approve transactions. In the event you forget the PIN or experience a hardware malfunction, most hardware wallets offer a recovery seed—a sequence of words generated by the wallet—that you can enter on a new wallet to recover your keys. It is important to write down the recovery seed phrase as soon as possible, otherwise, if the wallet fails and you haven’t written down the seed, you will not be able to recover your crypto on a new device. Hardware wallets have an excellent track record; at the time of writing, there have been no reported incidents of funds being stolen from hardware wallets. 

Paper wallets are literally printed pieces of paper displaying your public and private keys in the form of QR Codes. These codes can be scanned for use in transactions. The major advantage of paper wallets is the lack of hardware failure— unless you consider ripping and tearing to be “hardware failure.”. You can make backups by simply printing multiple copies, a good idea for such a fragile storage medium. It would be pretty embarrassing if you had to explain that your dog ate your multimillion dollar crypto fortune.

If you’re going to be storing a large amount of money in your paper wallet, you’ll want to store it in a secure location like a safe or safety deposit box. As a contingency against conditions like natural disasters or other “acts of God” like fire and flooding, you’ll want to store your backups in multiple locations. While creating more backups means there are more locations to steal the wallet, it’s a risk that may be worth it to ensure your funds aren’t taken away by freak occurrences. Also, keep in mind the vulnerabilities that come from using a printer. Many printers store print job information and do not grant users any way to delete that info; someone could potentially access the stored print job information and steal your keys. Wireless printers are particularly vulnerable since someone with access to your network could more easily the printer.

 

General Precautions When Making Transactions

Low angle view on a blue padlock made to resemble a circuit board and placed on binary computer code.

In addition to choosing your preferred wallet option, it is important to follow some general security guidelines. If you want to make transactions, you’ll need to connect to the internet. Ensure whatever device you are using to make the transaction is up to date and has a strong, firewall installed. Beware of phishing scams, like fake login pages for exchanges and wallets. Do not access your wallets or process transactions over public WiFi. It may also be prudent to only install trusted apps on your transaction device of choice, since unverified apps and publishers may spread malware.

On the surface, it may seem counterintuitive to utilize a cold storage solution since you’re going to need to connect to the internet at some point and put your crypto at risk if you want to make a transaction. Hardware wallets multi-step transaction verifications do an excellent job of safeguarding your transactions, but if you want to be even more cautious, a good compromise between quick access and safety would be to keep a small amount of your crypto that you plan on using for purchases and transactions in an online or software wallet, while keeping the rest in a hardware wallet or other cold storage medium. That way you have money to easily conduct transactions while preserving the bulk of your funds in a safe location. Think of using hot storage the way you would use a physical wallet or money clip to carry your money around, while the cold storage is like the money you keep in the bank.

 

A New Way to Pay, A New Way to Protect

A digital interface showing a folder with data written in hexadecimal computer code. Golden pixelated padlock and key are lying on it. This image represents a conceptual design in the domain of IT, cyberspace, cyber security, global communications or similar industry sectors. The image is a made up 3D concept render.

Protecting your money may be common sense, but cryptocurrency is a new paradigm for the way money is stored and spent, a lot of people don’t know what it means to protect digital currency. Just as you wouldn’t stash all your savings in a dirty old mattress (I hope), you shouldn’t store your cryptocurrency in your old Windows XP desktop full of malware you got from one too many download sprees on Limewire. When you better understand how cryptocurrency is stored and how it can be stolen, it’s easier to take effective precautions in safeguarding your money.

Craig Nieman

Author Craig Nieman

Craig Nieman recently moved to Los Angeles from Cincinnati, Ohio, a city most known for its chili (that only lifelong Cincinnatians think is edible), and professional sports teams who never get past the first round of playoffs. His main hobbies include performing improv and stand-up comedy, gaming, and music. He has an encyclopedic knowledge of video games and The Beatles, and is a superfan of the TV show “Twin Peaks” (upon request, he will gladly send you a 10000 word diatribe about how it was robbed at the Emmy nominations). He is a notorious coffee addict whose hands shake in anticipation of his next cup even as he types this bio. You may recognize him from his appearances at your local karaoke night or if you're one of the few dozen people throughout the world who have enjoyed his comedic performances.

More posts by Craig Nieman

Leave a Reply