Beyond the usual steps of keeping software up-to-date and avoiding suspicious websites, there’s some key tips to bear in mind to buy crypto safely.
“Blockchain, the technology upon which most cryptocurrencies are built, is secure,” James Song, founder and CEO of blockchain technology startup ExoCoin, tells Pocket-Lint. “In fact, the strength of its security is the reason why cryptocurrencies exist today.”
Blockchain is best considered as a pair of private and public keys with strong security that computers can’t crack, like a really advanced username and password. Even the best password system in the world is rendered useless when it falls into the wrong hands, though. If you access your cryptocurrency wallet through a smartphone that has malware, for example, a hacker could take your wallet password and steal your coins.
Song recommends several steps to protect against attacks: don’t use public Wi-fi, consider using a separate device specifically for crypto transactions, use a two-factor authentication method like Google Authenticate (SMS is less secure as an attacker could port your phone number to their device), bookmark your crypto account websites to ensure you’re visiting the correct address, and never tell anyone your password.
Of course, all these tips assume your chosen crypto website is secure. The Mt. Gox exchange handled 70 percent of all Bitcoin transactions in 2013, but a hack led to the loss of $450 million worth of Bitcoin.
“The issue with cryptocurrency exchanges is that not all of them can be trusted,” John Shier, senior security expert at Sophos. “There have been many cases where the exchange was simply a front for stealing money or the security of the exchange was compromised and funds were stolen.”
What about a hardware wallet?
Many cryptocurrency traders invest in a hardware wallet for peace of mind. These devices, about the size of a USB stick, store the private and public keys offline. Unlike a web-based wallet that is theoretically vulnerable to attack any time, users keep a hardware wallet somewhere safe and plug it into a computer when it’s time to perform a transaction. Popular models include the €94.80 Ledger Nano S and €89 Trezor One. It’s best to buy directly from the manufacturer or an approved retailer to avoid the chance of tampering.
With all these precautions in place, criminals are working on new ways to get their hands on cryptocurrency. Cryptojacking involves using malicious computer code to quietly mine cryptocurrency and send it to the attacker, a practice that can lead to device slowdown and even battery failure. Code has been discovered on servers owned by car company Tesla and the Australian government.
“Much of the profit from criminal activity goes towards personal wealth,” Shier says. “This extra wealth also enables criminals to raise the quality of their next attack by affording them the opportunity to hire better coders, local translators and pay for additional infrastructure.”
As for whether cryptocurrency is more secure than traditional currency, it partly depends on the user.
“You have this burden of responsibility…of storing your own private key, which is not something people are used to doing,” Laurence Cook, founder and CEO of payment startup Nanopay, tells Pocket-Lint. “People are used to giving all their security responsibility over to a bank. All you have to do is remember a PIN number or password, identify yourself and you’re good to go.”
As a method of exchanging money for the internet age without bank interference, cryptocurrency opens up a world of new possibilities. As the old adage goes, though: with great power comes great responsibility.