This article is written in partnership with bitFlyer (learn more)
Security, a key criterion in choosing an exchange
When making a financial investment, it is legitimate to question the security aspect. In the case of cryptocurrencies, it is still a fairly young sector and therefore relatively unregulated.
Some high-profile trade hacks have shown how easy it is to lose money. The most classic example is that of Mt. Gox. In 2014, when the exchange handled around 70% of Bitcoin (BTC) transactions, an attack resulted in the loss of 850,000 BTC, or roughly $ 450 million at the time.
At present, most of the major exchanges are trying to put in place a large number of procedures to ensure the security of their users’ cryptocurrencies.
The most popular is two-factor authentication (2FA). Although sometimes seen as tedious, this additional step during connection (receipt of a code by SMS or email) is essential to avoid malicious intrusions.
However, this type of protection is not sufficient to ensure the maximum security of users’ digital assets. This is why most trading platforms have established a strong security policy and standards.
In the rest of this article, we will detail some examples using the example of the bitFlyer exchange platform.
👉 To deepen – Invest serenely in cryptocurrencies with the recurring and scheduled purchase via bitFlyer
How does bitFlyer ensure the security of your cryptocurrencies?
bitFlyer is a fully regulated cryptocurrency exchange. Initially launched in Japan, it is the first exchange to be able to operate in Japan, the United States and Europe.
In order to operate within the European Union, bitFlyer was granted a Payment Establishment license in 2018 by the Luxembourg Ministry of Finance. In addition, bitFlyer Europe is the first Luxembourg-based company to be registered as a Virtual Asset Service Provider (PSAV).
Each year, the company is subject to a complete audit, the objective of which is to guarantee quality and highly secure services to users. A part of their security processes is presented in the rest of this file.
👉 To learn more about bitFlyer, find our full platform presentation.
The cold wallet
Generally speaking, cryptocurrency exchange platforms manage their clients’ funds using a combination of “hot wallet” (literally, hot wallet) and “cold wallets” (conversely, cold wallet).
When you deposit cryptocurrency on an exchange, the funds are transferred directly to a hot wallet. This facilitates trading and provides liquidity to traders. However, this type of wallet poses a major problem: being directly connected to the Internet, it provides hackers with a much larger attack surface.
This is why exchanges use so-called “cold” portfolios, meaning that they are completely disconnected from the network and thus offer maximum security.
Logically enough, it is best for any user that an exchange keeps the majority of its funds in a cold wallet. Generally, the distribution of cryptocurrency storage is around 90% in cold wallets for 10% in hot wallets.
In the case of bitFlyer and according to their data, 100% of the BTC that the exchange’s clients own is stored in a cold wallet. In addition, it is isolated from the network, physically protected by several locks as well as by a 24-hour surveillance system.
Protection against attacks
As new viruses or hacking techniques emerge on a daily basis, bitFlyer makes an effort to check its security system for vulnerabilities periodically. The exchange executes various attacks thousands of times in a row with careful attention to risk exposure.
However, new phishing (or attempted phishing) attacks pose a major threat to banking and financial services. The hacker creates a fake website that looks exactly like the original in order to retrieve the trapped user’s login, account password and one-time code (2FA).
Having suffered from numerous instances of unauthorized logins in 2019, bitFlyer has decided not to limit itself to passive measures and rolled out a new strategy called “proactive defense”. It aims to quickly obtain information on the attackers by daring to jump into their traps.
The exchange has thus prepared a number of decoy accounts voluntarily responding to phishing attempts. When the hacker tries to connect via one of his fake accounts, his operating mode will be analyzed, the IP addresses of the servers and terminals used will be identified and permanently blocked.
This strategy has been operational since around October 2019 and was applied to a live attack on bitFlyer in July 2020. The attacker’s hack attempt was completely blocked within two hours of the attack starting, and this The company’s action has left its users’ assets out of reach.
The insurance program
While almost all traditional bank accounts come with insurance to keep your money safe, the same is not true of all cryptocurrency exchanges.
When you put money in a bank account, it is compulsorily and automatically insured against theft or bankruptcy of the bank. However, cryptocurrency exchanges do not have this assurance and it is essential to ensure that they provide an equivalent service.
This is the case with bitFlyer. In collaboration with Mitsui Sumitomo Insurance (MSIG), the leading Japanese exchange provides protection to its users and their digital assets.
Under this insurance, the exchange is covered up to an amount between 10 million yen (89,000 USD) and 1 billion yen (8.9 million USD). It is used to protect against loss and damage caused by cyber attacks, unauthorized access, employee irregularities, as well as the costs associated with handling such incidents.
Multi-signature is a security measure to ensure that transactions made on the Bitcoin network are secure. A relatively recent and innovative technology, bitFlyer was among the first exchanges to deploy it.
Unlike a typical Bitcoin address, “multi-sig” addresses need two or more separate signatures to trigger transactions. The number required is simply proportional to the total possible number.
Thus, multi-signature makes it possible to have extremely secure portfolios. This is because even if a private key is leaked or hacked, no funds can be removed from the wallet. It is extraordinarily difficult for a hacker to obtain more than two of these keys in a short period of time.
If you want to know more about bitFlyer’s security policy, as well as the different measures that the exchange applies to guarantee the peace of your cryptocurrencies, their website has a detailed page on this subject, which will be able to answer the all of your questions.
👉 To go further, find our interview with the bitFlyer marketing manager
Social networks & useful links
Receive a recap of crypto news every Sunday 👌 And that’s it.
This is a sponsored and paid article. Cryptoast has made preliminary research on the products or services presented on this page but could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service put forward in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and invest only within the limits of their financial capacity. This article does not constitute investment advice.
What to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliate. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus using our links.
Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and cannot be held responsible, directly or indirectly, for any damage or loss caused as a result of the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and invest only within the limits of their financial capacity. This article does not constitute investment advice.
About the Author: Lilian Aliaga
Freelance writer located between Paris and Toulouse. I want to share my passion for the world of cryptocurrencies with as many people as possible. I am also interested in technical analysis and trading.
All articles by Lilian Aliaga.