If you’re new to crypto investing, you might be wondering how to secure crypto investments from theft. And it would be a valid question, considering there are often stories in the news about scams, theft, and hackers making off with millions of dollars in cryptocurrency.
So what exactly do crypto exchanges do to keep your wallets and crypto secure? What security and authentication measures do these platforms utilize? How likely are your investments to be stolen? And what can you do to avoid becoming the victim of a hack?
How concerned should you be about crypto theft?
While you never question the security of keeping your money in a bank, how worried should you be about using crypto exchanges? Is it possible to secure crypto investments from theft on an exchange?
Exchange hacks are an unfortunate reality of crypto investing, and it’s true that they occur more frequently than bank heists. This is mainly because they only require hackers to discover a security flaw in the exchange website’s front or back end. But how big of a concern are they really?
According to cryptosec.info, there have been a total of 55 exchange hacks since 2011, amounting to a loss of $2.4 billion.
2021 saw one of the largest crypto hacks ever when the Poly Network exchange lost $600 million to a hacker (who, in a strange twist, ultimately ended up returning the funds).
Stories like this could make any crypto newbie hesitant to invest in crypto.
First, it’s important to note that blockchain technology and crypto itself are tough to hack. Crypto wallets, especially cold wallets, are also hard to hack, not to mention the payoff for thieves wouldn’t be worth the trouble.
For this reason, exchanges, particularly centralized ones, are primarily targeted because they are central locations, and the largest ones can handle up to billions of dollars in transaction volume.
So with this in mind, how worried should you be about exchange hacks? The best way to keep your crypto safe is to prepare as though you could be the victim of a hack.
Using an exchange with good security habits, a strong reputation, and a large user base are good things to look for to ensure your crypto doesn’t end up stolen.
In addition, check the exchange’s policy to see if they have insurance that they can use to reimburse their customers’ investments in the event of a hack. This is what Bitmart did after they suffered a hack in December 2021.
But no matter which exchange you use, you ultimately should not keep your crypto on it. This will give you the highest level of protection against hacks.
It’s almost always better to use a hot or cold wallet. The only exception might be if you are a day trader conducting many daily transactions.
How are crypto investments kept safe?
Centralized exchanges
So, what measures do centralized exchanges take to secure crypto investments? If you have an account with a centralized exchange, that exchange keeps your crypto in an exchange-hosted, custodial wallet.
This means that the exchange is responsible for holding on to your private keys for you. In a crypto wallet, private keys are used to authenticate and confirm transactions, similar to a password. Your private key should be kept secure at all times. If it is stolen, whoever takes it has access to your crypto.
Technically, if you don’t have your own private keys, that means you do not have complete control or ownership over your investments. However, the tradeoff is that you have more flexibility in buying, selling, and trading your crypto assets.
In addition, many exchanges keep their users’ crypto on a hot wallet to maintain fast transaction times. This also creates more risk because your crypto is essentially kept online 24/7.
Exchanges with the best reputations and large user bases will typically take more extensive security measures, such as keeping the majority of their user’s crypto in cold storage and only leaving enough in hot wallets for daily withdrawals or transactions. These are offline physical hardware units that cannot be hacked.
That way, the exchange can keep only enough crypto in hot wallets for daily withdrawals or transactions, while most of it is secure.
Centralized exchanges may also take other steps to keep their website’s front and back end code secure.
Larger exchanges can afford to hire cybersecurity experts who can ensure there are no flaws in the code that criminals can exploit.
Centralized exchanges may also encrypt users’ data and other sensitive information and require two-factor authentication and strong passwords for all accounts.
But ultimately, if you use a centralized exchange and decide to keep your crypto on it, you are placing all of your trust in the exchange to protect that investment for you.
Decentralized exchanges
Decentralized exchanges are vulnerable to crypto hacks in a different way than centralized exchanges are. With a decentralized exchange, the platform does not take custody of your crypto at any point. Instead, it acts as a host for users to find and transact with one another.
This generally makes decentralized exchanges safer than centralized ones since you maintain control over your crypto at all times, and there is no exchange-based wallet for you to leave it on.
However, this doesn’t mean decentralized exchanges are immune to hacks. Hackers can exploit flaws in the website’s code to intercept the transactions on the site.
For this reason, you need to make sure you take the same precautions you would for choosing any other exchange: research its reputation, how many users it has, and what its security protocol is like. If they’ve been hacked in the past, what have they done to tighten their security since then?
What you can do to secure crypto investments
Keep in mind that pretty much anyone can start their own exchange. This means many smaller exchanges out there lack the staffing or resources to adequately invest in appropriate security protocols to protect their users’ investments.
In addition, it’s possible for an exchange to potentially be a scam itself, shutting down and taking its users’ funds with it.
So, what can you do to protect your crypto investments when using an exchange?
When researching the best exchanges, look up what kind of security measures they have. Do they keep the majority of users’ investments in offline, cold storage? Do they require users to have two-factor authentication? How do they store customers’ data?
Also, choose an exchange that has insurance to compensate their users in the event of a hack.
Other steps you can take include using an authentication app for 2FA (not through SMS or email) and creating a unique email address for your account on the exchange.
However, as mentioned above, the best way to secure crypto investments from theft is by taking them off the exchange completely and using a hot or cold wallet.
About the Author
Michael Hearne
About Decentral Publishing
Decentral Publishing is dedicated to producing content through our blog, eBooks, and docu-series to help our readers deepen their knowledge of cryptocurrency and related topics. Do you have a fresh perspective or any other topics worth discussing? Keep the conversation going with us online at: Facebook, Twitter, Instagram, and LinkedIn.