If you’re new to the crypto world, you may wonder how exactly exchanges and wallets secure crypto investments from theft. It’s a reasonable question to ask, considering that anyone who follows the crypto world has seen news headlines about hackers stealing millions of dollars of crypto.
In this post, we’ll compare the security protocols of crypto exchanges and wallets to traditional brokerage accounts. We’ll also look at security protocols that more exchanges will use in the future as crypto becomes more mainstream, such as distributed key management.
But first, it’s important to note how blockchain technology keeps crypto investments incredibly safe. Crypto exchanges are centralized entry points for hackers, which makes them vulnerable to attack.
But blockchain technology itself, which underlies every cryptocurrency, is known for being extremely hard to hack because it is decentralized, and the information recorded on the blocks cannot be altered in any way.
So, how do security protocols in exchanges and traditional brokerages differ? Is one safer than the other? What do exchanges currently do to secure crypto investments from theft?
What security mechanisms are in place for crypto exchanges and wallets?
Decentralized exchanges
Decentralized exchanges are generally safer against crypto hacks than centralized ones. This is because a decentralized exchange does not ever take custody of your crypto at any point in a transaction. Instead, it simply acts as a host for users to find and transact with each other.
However, this doesn’t mean decentralized exchanges are immune to hacks. Hackers can exploit flaws in the website’s code to intercept the transactions on the site. They can also hack into a coin or token’s code, run a pump-and-dump scam, or launch a phishing attack.
For this reason, you need to make sure you take some precautions:
- Research the reputation of the DEX.
- See if it has a whitepaper.
- Check if the site’s code has been audited and how many users it has.
- If they’ve been hacked in the past, what have they done to tighten their security since then?
Also, research individual coins or tokens before trading, beware of phishing attacks, and take simple measures like installing anti-virus software on your device. Make sure the wallet you use has two-factor authentication enabled, or even biometric measures for hardware wallets.
Centralized exchanges
If you have an account with a centralized exchange, that means that the exchange holds your private keys, and thus your crypto, for you.
Technically, if you don’t have your own private keys, that means you do not have complete control or ownership over your investments.
Private keys are kept securely in offline storage because if hackers were to access them, they would be able to take every user’s crypto.
Many centralized exchanges keep their users’ cryptocurrency on a hot wallet to maintain fast transactions.
But exchanges with the best reputations will typically keep the majority of their users’ crypto in cold storage because it’s the best way to secure crypto investments in the event of a hack.
In addition, some exchanges can afford to hire cybersecurity experts who can ensure there are no flaws in the code that criminals can exploit.
Centralized exchanges may also use distributed key management, encrypt users’ data and other sensitive information, and require two-factor authentication and strong passwords for all accounts.
Crypto wallets
Hardware crypto wallets are kept secure because they are offline devices. Other measures they may take to secure crypto investments from theft include setting a PIN, having a recovery phrase if you lose your wallet, and even biometric authentication.
More security measures are necessary for software wallets since they are kept online. These include requiring a strong password and two-factor authentication, anti-virus protection, encryption of user data before it is stored, recognizing devices, and regularly ensuring their site/app code is secure, especially if the code is open source.
Because hot and cold crypto wallets are non-custodial, it is the user’s responsibility to protect their own private keys and watch out for possible email or text-based phishing attacks. Other security measures users can take include researching a wallet’s reputation before creating an account and making sure they keep the software up to date.
What security mechanisms are in place for traditional brokerage accounts?
Traditional brokerage accounts offer many of the same security features as centralized exchanges since they operate similarly–you deposit your money into a brokerage account, and they hold those investments for you.
This includes requiring every user to have strong passwords and two-factor authentication.
Sites also have identity verification, encryption of sensitive information, specific training for employees who handle user data, 24/7 account monitoring, and automated alerts whenever someone tries to gain access to your account.
Where traditional brokerage accounts differ from exchanges is that users’ investments are insured by the Securities Investor Protection Corporation (SIPC), which offers up to $500,000 in protection per customer if the brokerage goes bankrupt.
If they have the right resources, some crypto exchanges might also secure crypto investments from theft by offering insurance for their users’ assets.
Other security measures depend on the user:
- Having anti-virus software installed.
- Watching out for phishing attacks.
- Accessing the account only on a secure Wi-Fi connection.
How do security protocols differ between crypto exchanges and traditional brokerage accounts?
| | Authenticator app | 2FA | Require strong password | Encryption | Offline storage of data or assets | Insured |
|---|---|---|---|---|---|---|
| Centralized exchange | ✓ | ✓ | ✓ | ✓ | ✓ | Some |
| Traditional Brokerage Account | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ |
As you can see, centralized exchanges have many of the same security protocols as traditional brokerage accounts to secure crypto investments. On the other hand, decentralized exchanges don’t have any of the above security features.
In fact, many of them don’t require a user to sign up or create an account at all because they just act as platforms where people can transact with each other. And because they don’t hold on to customer funds, they don’t offer insurance.
While all this might make it seem like decentralized exchanges are less secure and centralized exchanges are the better choice, this isn’t necessarily the case. Centralized exchanges are a single point of access, making them a more convenient target for hackers.
In many ways, decentralized exchanges offer more security than centralized exchanges because there is no stash of assets or data for hackers to find. No sensitive data is left on the platform. Instead, it’s up to you as the user to protect your own crypto and data.
Whenever decentralized exchanges are hacked, it’s usually due to a flaw or bug in the platform’s code. For this reason, make sure the DEX you are using audits its site and checks for security issues.
The future of how to secure crypto investments from hackers
As crypto becomes more mainstream, platforms will need to look for better ways to secure crypto investments from theft.
One method becoming increasingly important is a technique called distributed key management. Distributed key management is a way to protect cryptographic keys by breaking them into “shards” and spreading them across multiple devices.
This way, even if a hacker gains access to one device, they would need to access every device with a shard to complete the key. Cryptographic keys don’t just refer to public or private keys; keys are used in various cryptographic functions, such as authentication, encryption or decryption, and authorization.
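To make the shard idea concrete, here is an added example (not from the original article or from any exchange’s code) of the simplest scheme in which every shard is required: XOR splitting, written in Python. The function names and the fingerprint check are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from functools import reduce


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _fingerprint(key: bytes) -> str:
    # Assumes a high-entropy key (e.g. 32 random bytes); the digest only
    # lets the combiner detect a missing or corrupted shard.
    return hashlib.sha256(b"key-fingerprint-v1" + key).hexdigest()


def split_key(key: bytes, n: int):
    """Split `key` into n shards; all n are needed to rebuild it."""
    if n < 2:
        raise ValueError("need at least two shards")
    # n-1 shards are pure randomness, so on their own they carry no
    # information about the key.
    shards = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    # The final shard is the key XORed with every random shard.
    shards.append(reduce(_xor, shards, key))
    return shards, _fingerprint(key)


def combine_shards(shards, fingerprint: str) -> bytes:
    """XOR all shards together and verify the result before returning it."""
    if len({len(s) for s in shards}) != 1:
        raise ValueError("shards differ in length")
    candidate = reduce(_xor, shards)
    if not hmac.compare_digest(_fingerprint(candidate), fingerprint):
        raise ValueError("shard set is incomplete or corrupted")
    return candidate


if __name__ == "__main__":
    key = secrets.token_bytes(32)          # constructed sample key
    shards, fp = split_key(key, 3)         # e.g. one shard per device
    assert combine_shards(shards, fp) == key
    try:
        combine_shards(shards[:2], fp)     # one device missing
    except ValueError as err:
        print("rejected:", err)
```

Because each shard is as long as the key and looks like random bytes, holding any subset short of all of them reveals nothing about the key.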
Other security features that will likely be more commonplace in exchanges and wallets include:
- Requiring two-factor authentication or multi-factor authentication
- The use of multiple cryptographic keys to open your wallet
- Keeping funds in cold storage
- Hiring cybersecurity experts to conduct site audits and examine the site’s code
- Having insurance in the event of stolen funds.
Aside from this, remember that securing crypto investments from theft will also depend on you and the security measures you take. Make sure you research an exchange’s reputation before using it and keep your crypto on a separate wallet instead of a centralized exchange.
Also, use a VPN, anti-virus software, and a private Wi-Fi connection, and never click on email links even if they appear to be legitimate. Always log in directly to your account.
About the Author
Michael Hearne