As bitcoin price draws mainstream attention, a lot of new investors are starting to buy bitcoin. However, this popularity also attracts scammers and hackers. Therefore, learning how to take care of your own funds should be the first step for everyone who holds any form of crypto assets. (Link to what is bitcoin)
Unlike the traditional banking system where there would be customer support and compensation if your funds are stolen, the security of cryptocurrency is almost entirely the individual's responsibility.
The most common question beginners will ask is where should I keep my bitcoin? To answer that we should first learn about the difference between hot storage and cold storage.
Hot wallet is like a wallet that you carry around or an everyday bank account and a cold wallet is like a savings account. The biggest difference between the two is that a hot wallet is connected to the internet and a cold wallet is not.
What is a Hot wallet?
Hot wallets allow users to send and receive cryptocurrency easily as it’s connected to the internet. For example, if you’d like to make small purchases or send your friends cryptocurrency, you would most likely use your hot wallet. Hot wallets are compatible with a wide variety of cryptocurrency and tokens and they are usually free to use.
Compared to cold wallets, hot wallets are more vulnerable to hacks but it doesn’t mean it’s unsafe to store your funds there. The general rule of thumb is keep what you feel comfortable carrying around with your physical wallet. While hot wallets provide convenience for transactions, there are potential risks of your crypto funds being accessed through the internet. If you have taken the right security precautions and have also backed up your hot wallet, then losing the device containing the wallet is not the end of the world as it can still be restored. In this sense, using a hot wallet may even be considered better than carrying physical cash.
We often hear news headlines with “bitcoin being hacked”, the truth is it’s usually the hot wallets of cryptocurrency companies or exchange accounts being hacked. There was a loss of 882 million dollar from exchanges attacks in 2017 and 2018. (Link to can bitcoin be hacked article)
Examples of Hot Wallet
Online wallets are provided and controlled by a third party. The wallet stores your private keys on a server and allows you to access your funds through any devices that’s connected to the internet.
Some online wallets are run by exchanges. If you store funds in an account on cryptocurrency exchanges such as Binance and Coinbase, your funds are more likely to be exposed to cyber attacks. Since exchanges store your security keys in their online servers, it makes them more susceptible to hackers, and there have also been exchanges which shut down and token users funds before.
Even though most exchanges nowadays have more advanced security measures and some promises they would compensate users of the loss funds, it is still our responsibility to be cautious and protect our cryptocurrency by transferring it to a cold storage regularly.
Desktop wallets need to be downloaded and installed on your computer. They can only be accessed by specific devices because your private keys are stored on your hard drive.
Even though users are not relying on a third party, the wallet is still reachable from the internet if the desktop is online. You can access your fund easily but hackers can still potentially hack into your device remotely and steal your funds. Therefore, it’s a good balance of security and convenience for those who trade a small amount using their own device.
Mobile wallets is a wallet that you can effortlessly access through your mobile device. It’s suitable for those who use cryptocurrency for daily purchases in person. You can simply pay through scanning a QR code in stores using your mobile wallet app. The private key is stored on your phone, making it seamless to transact cryptocurrency on the go.
There are a massive collection of mobile wallet apps on both IOS and Android. However, Similar to all other hot wallets, there is a risk of losing your crypto if someone else gets access to your mobile device and your private keys. As with most cryptocurrency services, proper due diligence by the user is still required to set up effective passwords and create backups in case the mobile device is lost.
What is a cold wallet?
Cold wallets are not connected to the internet. Therefore, it’s protected from cyber attacks or any external access.
Transactions made with a cold wallet are more secure because it allows users to transfer crypto funds offline. Since the privacy keys never come in contact with any online server, your funds are safe from external attacks.
Examples of Cold wallet
Paper wallet is literally a piece of paper with both the public and private key printed. Public keys allows you to receive the fund and private keys allows you to spend freely. A Paper wallet usually comes with QR codes that you can scan to retrieve the cryptocurrency in a software wallet. These wallets can be generated online with services like bitcoinpaperwallet.com. Some companies would use these for promotions and we have heard of people getting creative and using these as red pocket money gifts for Chinese New year as well.
Even though the private keys are stored offline, safeguarding the fund from online hacks, paper is still a fragile material. Depending on the amount that you’re storing on the paper wallet, you should consider storing it in a cool and dry place or even a safe deposit box.
Hardware wallet is the most secure way to store your cryptocurrency. It’s a wallet that stores your private keys in a hardware device which is a small device that looks like a USB. Private keys are stored in a protected area of a microcontroller, so it can not be transferred out of the device in plaintext. The device is offline so it’s immune to computer viruses and users can interact with it without the need to transfer it to other software.
Some hardware wallets also provide security features such as confirming transactions on the device screen. If you ever lose your hardware wallet, worry not as long as you have your recovery seed key. Your recovery seed usually consists of a combination of 12-24 words and it’s the most important thing to store. Even if you lose your hardware wallet, no one can access your fund without knowing your pin or password.
The most important thing is to check the packaging before you start using the hardware and look for a device that’s made by a reputable manufacturing company.
Other Security Tips
Always Double check address before sending cryptocurrency
As we have mentioned before, there’s no central authority that safeguard your cryptocurrency for you. If you accidentally send funds to the wrong address, you can lose your cryptocurrency forever. Therefore, always double check the address. The easiest way to check the address is to match the first and last 5 characters to make sure the address you copied is the exact same.
Participate in the Proof of keys day
On 3rd January every year, the community will take all their cryptocurrency out from third parties such as an exchange. This activity aims to prevent investor’s dependence on third parties. By transferring the funds into their own wallet, it ensures everyone has full control over their private keys and cryptocurrency. There’s a famous saying in the community: Not your keys, not your coins.
Don’t use your birthday as the password anymore
When you are creating a wallet or a cryptocurrency exchange account, please don’t use your birthday anymore. Try using a passport generator instead, there are a lot of password generators online that help create secure and unique passwords. You can customise it to include a combination of numbers, symbols and uppercase and lowercase letters.
Enable Two-factor authentication (2FA)
If your wallet or exchange provide two-factor authentication (2FA), you should consider enabling it. The most common authenticator is Google Authentication App which generates a new unique 6-digit code for you every minute. 2FA is a great simple way to increase the security of your cryptocurrency. Every Time you log into your accounts, it double checks your identity.
Almost 300 million worth of cryptocurrency and over 500,000 users logins were stolen from crypto exchanges in 2019 alone. We hope with the explanations and tips above, you would feel more confident in safeguarding your own cryptocurrency. As you know blockchain or cryptocurrency is near impossible to hack (Link to can bitcoin be hacked) , so scammers would take advantage of individuals instead.
If you’re looking to buy Bitcoin in Australia, Binance Lite provides a secure and reliable cash-to-bitcoin service, through internet banking transfer or a network of 1300+ supported newsagents across Australia.