Bitcoin is a buzzword for today’s investors and speculators. However, since bitcoin is a digital currency it is exposed to some major online threats. So, how secure is Bitcoin? Find out below.
Are Cryptocurrencies Secure?
The term “crypto” refers to cryptography and this is what makes cryptocurrencies secure. It involves a process of encoding and decoding information to allow or prevent access to it.
How Is Bitcoin Secured?
Bitcoins are secured through a combination of public and private keys, crypto-wallets, encryption, secure data storage, and user verification methods. Bitcoin security is in the process of evolving as cryptocurrencies become used more as ways of investing and purchasing goods and services online.
Threats To Bitcoins
Like other internet-connected digitized information, bitcoin is vulnerable to some security threats. Some of these come through mass online attacks directed towards specific websites. Others target individual machines in localized attacks.
Threats to stored and transacted bitcoins include:
- Internet Scams
- 2FA attacks
- Unlocked sim cards
- Stolen smartphones
- Cryptocurrency exchange security weaknesses
- Lost or stolen private keys
Is Bitcoin FDIC Insured?
Since 2015, Bitcoin exchanges have begun to partner with banks that are FDIC insured to handle the dollar funds transfers of their users. The FDIC provides US government-backed insurance of up to $250,000 for account deposits. Some of these bitcoin exchanges include:
- Coinbase (and Coinbase Exchange)
- Gemini (The Winklevoss Twins)
Exchanges are not entirely secure, so storing your funds only on a cryptocurrency exchange is not recommended. Make sure to check with your chosen cryptocurrency exchange to see if they provide access to holding accounts that are FDIC insured.
Can A Bitcoin Exchange Be Hacked?
Absolutely! An entire exchange can be hacked and users can lose substantial amounts of their cryptocurrency assets. This adds another level of risk beyond just individual lost or stolen private keys.
Here are some of the biggest cryptocurrency exchange hacks:
Mt. Gox – In 2011 and again in 2014. Result: 750,000 BTCs (around $350 million) lost and the Mt. Gox exchange was permanently shut down. It was the largest bitcoin exchange in the world at the time. Hackers targeted Mt.Gox’s auditor credentials and transferred bitcoins to a location for which Mt. Gox had no keys.
Bitfloor – 2012. Result: Hackers got hold of the unencrypted private keys leading to 24,000 bitcoins lost. Bitfloor is now closed due to not meeting several bank regulations.
Poloniex – 2014, Result: 97 bitcoins lost. The withdrawal code mechanism was hacked. Poloniex users were refunded and the exchange is still in operation.
Bitstamp – 2015. Result: 19,000 bitcoins were lost and the exchange was temporarily shut down. Bitstamp significantly improved its security measures and is still in operation.
Bitfinex – 2016. Result: 120,000 BTC lost. Wallet architecture’s weaknesses were found and exploited by hackers. Users were mostly refunded over time and the exchange is still in operation.
Binance – 2019. Result: 7,000 BTC lost. Users were refunded their lost funds. Hackers gained access to API keys, 2FA codes, and other sensitive user information through phishing, targeted viruses, and other attacks.
These are just some of the well-known hacks of cryptocurrency exchanges in recent years.
What Are Bitcoin Keys?
Keys provide security and access to individual bitcoins to be spent or transferred from person to person. There are public keys and private keys.
The Private Key
Private keys are “the key” to your Bitcoins and must be kept secret and safe. Private keys are used to sell, donate, or accept bitcoin to and from others. Basically, if you own the private key, you own the bitcoin. Every bitcoin wallet contains a wallet file that stores one or more private keys that are tied to all bitcoin addresses linked to the wallet.
Private keys are usually 256 bit-long numbers (64 characters that can also include letters) that are randomly generated when a bitcoin wallet is created. They allow an individual owner to spend his or her bitcoins.
Example of a Private Key:
Many stolen bitcoins are simply the result of cyber thieves gaining access to users’ private keys.
The Public key
Similar to the private key, the public key is a 256-bit long code that is mathematically derived from your private key. The word “public” means it is made public for anyone to see who is seeking to transfer funds to and from a Bitcoin address owned by another individual or entity.
The purpose of the public key is to generate a Bitcoin address that receives transactions on the BTC network.
Storing Private Keys Securely
You do not have to worry about forgetting your private key. Private keys are saved in a wallet file, computer file, or printed onto a hard document. However, bitcoin users must choose the right wallet to secure their keys. The important thing to do is to keep the keys safe, regardless of which method you use. If you lose your private keys and do not have a backup you can access, you will lose your bitcoins!
Can Private Keys Be Hacked?
It is almost impossible to crack a private key because they are so long. They are more likely to be stolen either individually or in mass cyber-attacks, or discovered using keyloggers or targeted viruses.
What Is A Cryptocurrency Wallet?
If you are in the process of buying your Bitcoin from an exchange, most likely you already created an online wallet. Types of crypto wallets include:
- Mobile Wallets
- Desktop Wallets
- Paper Wallets
- Hardware Wallets
These are also sometimes called “web wallets” or “hot wallets” (when they are connected to the internet).
Today’s cryptocurrency wallets have the option of being accessed through mobile devices. This provides the advantage of the convenience of accessing or buying and selling bitcoins from an app on a smartphone that has an internet connection. These wallets provide a password login used to encrypt the account.
The bitcoin private keys will likely be stored by the exchange, and not on the user’s device or through the app. It is important for users to be clear on how their chosen exchange does this. It also requires the users to trust that the exchange will handle their digital keys for them safely.
A cyberattack on the exchange could lead to the user losing all or some of their bitcoins. So, large amounts of bitcoin or other cryptocurrencies should be stored elsewhere in a safer location.
If you are looking to send Bitcoin payments from your computer, then a desktop wallet may be the right choice for you.
Desktop wallets require special software downloaded and installed on the user’s PC. A file downloaded to the computer stores the private key and address and is locked by a PIN. But this requires the user to keep the file safe on their own computer and if they lose it or it becomes corrupted, they will lose their bitcoin. However, if used properly, a desktop wallet is very difficult to hack into.
Paper wallets are simply paper printouts of your private key code(s) which can be stored in any secure place, such as a home safe, locked file cabinet, etc. Because paper wallets are not connected to the internet, they completely prevent hackers from accessing your private keys. However, if the document is lost or destroyed, you cannot replace or restore your private keys, which means your bitcoin will be lost.
Also called “cold wallets,” hardware wallets are perhaps the best and most secure storage option when it comes to storing a significant amount of Bitcoin and crypto-assets. Hardware wallets are small electronic devices that store private and public keys. They can remain offline which makes them very secure. If a user needs to store a large number of bitcoins, then a hardware wallet may be the best choice. With encryption, they can even prevent a malware-infected computer they are attached to from corrupting the wallet.
For those that plan on owning cryptocurrencies for the long haul, getting a hardware wallet is a good option.
How Hard Is It To Get Funds Out Of A Cryptocurrency Exchange?
Selling bitcoins on a cryptocurrency exchange is fairly easy, as it usually takes just one click along with identity verification. However, transferring dollars in and out of an account, especially for the first time, can take longer than with a regular online bank. There could also be bitcoin pricing variations and fees that differ from each exchange.
Easy ways to get funds out of bitcoin exchanges include using:
- Bitcoin ATMs
- Bitcoin Debit Cards
Cryptocurrency debit cards do not require ID confirmation which makes them faster and more convenient.
Bitcoins and other cryptocurrencies can be exchanged for other cryptocurrencies or converted to government-issued currency such as USD, EUR, etc.
How Do Crypto Exchanges Secure User Data?
The more secure cryptocurrency exchanges hold a large portion of user funds and other sensitive data in protected offline storage. Coinbase, for example, secures its database with split redundancy, AES-256 encryption, and copied to paper backups and FIPS-140 USB drives. Drives and paper backups are protected further by being sent to globally distributed safe deposit boxes and vaults.
Bitcoin Exchange Insurance
Most insured digital assets only cover certain cases such as compromised physical storage on the exchange servers and large cybercrimes (massive hacks). Individual accounts may not be covered when their contents are stolen through password theft, etc. So, users need to read the exchange’s fine print regarding insurance. This is one area that crypto-exchanges need to continue developing to make owning bitcoin more secure.
Using Credit Cards To Buy Bitcoin
Many exchanges such as Coinbase allow the use of credit cards to fund the purchase of bitcoin. However, exchanges will sometimes stop accepting credit cards depending on the level of exchange traffic or security threats.
There are some basic risks involved with using your credit card to make online bitcoin purchases. If credit card information is intercepted in any way, a user can have their credit card numbers stolen. Users should approach using their credit cards to buy bitcoin online the just as if they were shopping for any other goods or services.
Verifying New Users With Driver’s License Or ID Cards
Many exchanges require new or recurring users to verify their identity with a photo id or a driver’s license photocopied and sent by email or online messaging to the exchange. The purpose of this is to make sure users are not money launderers or other criminal entities. This can be slow and tedious and provides the possibility that the information is intercepted by others.
Verifying The Security Of An Exchange
It is up to each user to research the bitcoin exchange they are looking to use to verify their security procedures. Visiting online forums such as Reddit or Quora for information and following any exchange hacks in the news can help. Because crypto exchanges are currently not well-regulated or monitored by oversite agencies, users may have to rely on other user experiences to verify their security, accessibility, and convenience. Selecting a well-known exchange such as coinbase, binance, or eToro is also recommended.
How Do Crypto Security Tokens Work?
Crypto security tokens are not the same as cryptocurrencies such as bitcoin. The main difference is that security tokens are backed by assets such as company stocks or bonds and therefore are within range of government regulations. These are part of a process of “tokenization” that is happening in the financial industry. Tradeable securities are turned into digital assets using blockchain technology and are backed by a specific security asset, such as a share of Microsoft stock. These are relatively new and only a few exchanges allow for trading them.
Do Bitcoin Exchanges Accept Paypal?
Several exchanges accept PayPal as a source of funds. Sites that allow PayPal funds are best for buying and holding bitcoin as a speculation or investment because making payments with bitcoin is still slow. The steps needed to access the coins to spend online is perhaps not worth the effort.
Exchanges that accept Paypal include:
Recovering Your Stolen Bitcoins
There are no guarantees that bitcoin or any cryptocurrency can be recovered. Recovery services are available but most of them are scams. In fact, recovery scams are often the same scammers who stole the Bitcoins in the first place! This is because they have come to know how easy it was to rob the victim once before.
If you have your bitcoin stolen and are ever contacted by a “recovery specialist,” make sure you do your due diligence and look for signs to tell if they are behaving like it is a scam.
Using A VPN To Buy Bitcoins
Definitely! VPNs can help in increasing the overall level of privacy and anonymity when buying, selling, or just accessing a cryptocurrency account. It is advisable to opt for a VPN with at least one server in your country that has strong security measures, such as a good encryption level and various protocols.
For more information, read our post How Do VPNs Work?
The Future Of Bitcoin Security
As cryptocurrencies become more popular as ways of buying goods and making investments, exchange security will (hopefully) continue to improve. Several important things need to happen to crypto exchanges in the future for this to happen:
- More (and improved) security practices
- Increase transaction speed and access
- Better government oversite and regulation
- Bitcoin insurance that users pay for
- Making large bitcoin trades easier and safer
Currently, buying bitcoin is still not as easy as it is with other types of securities from traditional financial institutions, and this could use some improvement. Securing bitcoins also needs to become easier for user activity to grow.
List Of Bitcoin Exchanges
There are many online exchanges that allow for trading bitcoin. These include:
Bitcoin can be a fun and profitable way for investors and speculators to make (or lose!) money, as well as make online purchases. However, it is important for them to be aware of the security risks involved.