Are You Storing Virtual Currency Safely and Securely?
Many companies have started to offer wallet services and programs to help store your virtual currency. Yet it isn’t always clear whether these companies offer a personal wallet or a hosted wallet. With a personal wallet, only you know the private keys and the company that created the software does not control your virtual currency. Alternatively, with a hosted wallet, a third party knows your private keys, does not reveal them to you, and will send, receive, and store virtual currency on your behalf. This is like a traditional bank that stores your cash in a vault and does not give you the keys to open it.
Some companies also offer software as a service. In this case, the company hosts the wallet software on their servers but not the private keys. Users can log in, send, and receive virtual currency, as well as monitor transactions using their own private keys (which the company never receives). These types of wallets are referred to as online personal wallets because the private keys are not hosted.
Factors to Consider When Selecting Your Digital Wallet for Cryptocurrency
Despite the similar use cases, the consequences of using one kind of wallet versus the other are quite different. In particular, the question of who is liable if your wallet is defrauded may depend on who had access to the private keys. However, the liability distinction is not always black and white if multiple private keys are used to control the same virtual currencies. The benefit of using a trusted hosted wallet is that it is user-friendly, and you don’t have to worry about storage security. Furthermore, most hosted wallet providers will oblige with law enforcement officials if they ask the hosting company to investigate a malicious attack.
3
major factors to consider
when comparing storage methods are safety, security, and convenience.
Three major factors to consider when comparing storage methods are safety, security, and convenience. These attributes can sometimes conflict with each other. For example, methods that make it convenient for you to spend your bitcoins may inadvertently make it easier for a thief to spend them as well. Similarly, duplicating your private key and giving it to friends and family for safekeeping is a good strategy to prevent accidental loss; however, it also makes it more likely that your private key will fall into the wrong hands.
The most common storage methods are storing small amounts of virtual currencies conveniently but less securely and storing large amounts less conveniently but more securely. A similar example is having a small amount of cash in your pocket but keeping most of your money in a traditional bank account.
Storing Small Amounts of Virtual Currency
Many easy-to-use methods are available for storing virtual currency, but they all share one fundamental weakness. The disadvantage of convenient wallet options is that a sophisticated attacker could breach the layers of security and access your virtual currencies from a remote location. However, this situation can also happen with traditional online banking. For example, if you access your online bank account using a laptop, a malicious program could monitor your keyboard presses and steal your password. Banks remedy this weakness by implementing strict daily withdrawal limits or other measures that mitigate the impact of fraudulent access.
With virtual currency, the best mitigation strategy is to store most of your funds in cold storage. Cold storage is a digital wallet for cryptocurrency that is not connected to the internet. By doing this, your crypto wallet is more secure and protected from unauthorized access. Digital currency cannot be accessed remotely with cold storage, which is also a more convenient method for daily spending. To effectively safeguard small or large amounts of cryptocurrency, there are various options available with different levels of complexity.
Online Hosted Wallets
A reliable method for sending and receiving small amounts of virtual currency is through an online hosted wallet service. Online hosted wallets are intuitive, and users don’t typically need to understand the inner workings of virtual currencies. No software installation is required, and users can sign up and log in to their wallet via a web browser.
Online hosted wallets are like most traditional financial services. For example, when you open a bank account, the service handles your money on your behalf and manages all transfers, deposits, bill payments, and security measures. The same holds true of a hosted wallet, except the virtual currency is yours but not directly in your possession (you do not have access to the private key).
One warning sign of a weak storage method is if you can access your hosted wallet using just a username and simple password. This could be an indication that your provider might be vulnerable to online attacks. Quality wallet service providers, such as the United States (U.S.)-based company Coinbase, require two-factor authentication for users to access their bitcoins. Two-factor authentication requires the use of a phone or another secondary device in addition to a username and password.
As the Bitcoin world has evolved, no hosted wallet provider has a long track record of incident-free bitcoin storage. For this reason, hosted wallets offer the least amount of privacy. When you use hosted wallets, the provider knows who you are, the number of bitcoins you have, and all your incoming and outgoing transactions.
Online Personal Wallet Service
In addition to hosted wallets, another effective method for sending and receiving small amounts of virtual currency is an online personal wallet service. Online personal wallets look and behave like hosted wallets but with a key difference. These wallets provide the tools to send and receive currencies, but they don’t know your private key. For example, once the website loads locally on your device, it communicates with a distant web server and generates your private keys from your password. This enables a signed transaction, but your password (and private keys) never leaves your device.
Although online personal wallets are just as easy to use as hosted wallets, there is greater user responsibility. To use an online personal wallet, you access it online via a username and password, just as you would a hosted wallet, but if you forget your password, you have no recourse. Because the service providers don’t know your passwords, they cannot help you recover them. Online personal wallets also offer much greater privacy than hosted wallets, especially because they don’t require any personally identifying information to register an account. Law enforcement could, however, request usage patterns and other data from the service provider.
Personal Crypto Hot Wallets
Lastly, a personal hot wallet is a reliable method for sending and receiving small amounts of virtual currency. A personal crypto hot wallet is a software program that runs on a device you own. This digital wallet for cryptocurrency gives you complete control over your currency without sacrificing convenience. There is no third party involved to operate a personal hot wallet.
Even though crypto hot wallets come with more control, there is a higher level of responsibility than if you were using an online wallet service. For example, your private keys save to the same device that connects to the internet and communicates with the Bitcoin network (the defining feature of a hot wallet). Therefore, you need to be vigilant about protecting your device from malware, viruses, and other cyberattack attempts that could lead to theft.
If you are storing your private keys on your computer, keep in mind that your computer might be lost, stolen, or destroyed – and the bitcoins in your crypto hot wallet might be worth more than the device! Fortunately, unlike a physical wallet, you can back up your Bitcoin wallet. It’s crucial to be mindful of where you store your backups. For instance, you may want to avoid using cloud storage.
Storing Large Amounts of Virtual Currency
In contrast to storing small amounts of virtual currency, offline wallets like cold storage are recommended to ensure optimal security for larger amounts. Cold storage methods require physical access to information that is not accessible via the internet. Additionally, cold storage methods considerably reduce the risk of theft. Most of these methods are suitable for safely storing large amounts of virtual currencies for long periods of time.
Cryptocurrency Paper Wallets
One cold storage method is using a paper wallet. Cryptocurrency paper wallets are one of the most simple and popular cold storage methods. With a paper wallet, you generate a virtual currency address and private key on an offline computer. When you decide to spend your saved currency, you can use the “import to private key” or “import paper wallet” function that most wallet programs include. At this point, your virtual currency will no longer be in cold storage.
Cryptocurrency paper wallets also allow you to spend some of your saved currency and keep the rest in a paper wallet. After importing your private key into a hot wallet, you should immediately store the remainder of your currency in a new paper wallet.
Moreover, the encrypted paper wallet method was invented to improve the security of the cryptocurrency paper wallets and encrypt private keys. The only way to decrypt your private key is with a password you choose, preventing thieves from accessing your private key and your virtual currency. However, keep in mind that if you forget your passphrase, you’ll permanently lose access to your virtual currency. If your encrypted paper wallet is stolen, you can use your duplicate copy to import your bitcoins into a hot wallet, and then store them in a new encrypted paper wallet. Even if a perpetrator eventually determines your passphrase, you will have moved your bitcoins by then.
Offline Transaction Signing
For users who regularly handle large amounts of virtual currency, the offline transaction signing method has the most security. This method requires two computers and is considerably more advanced than using paper wallets. One computer has a personal hot wallet, but the private key is omitted. Therefore, when you click “send bitcoins” you will be asked to perform an additional authorization step using a second computer, which contains the private keys and is not connected to the internet. The second offline computer also has a wallet program installed and only functions to authorize or digitally sign the transaction. The offline computer is used to create a file that contains the digitally signed transaction, which is then copied to the online computer and broadcasted to the Bitcoin network.
Although this method is very secure and can be used to store fairly large amounts of bitcoins, processing many transactions per day can be a cumbersome process. One potential risk is losing the private keys stored on your offline computer if your private keys are compromised or your computer is stolen or seized. However, the primary advantage of offline transaction signing instead of importing keys from paper wallets is that a cold-to-hot storage transition never happens. Your bitcoins are always in cold storage, even when you spend from the address where they are stored.
Which Method is Right for You?
The best storage route to take is to start small and choose a digital wallet for cryptocurrency that you’re comfortable with. If you’re using a complicated Bitcoin storage scheme, it’s important to remember that you’re at risk for human error. Once you’re more comfortable with how virtual currency works, you can gradually increase the amount you own and the level of security you use.
Learn More
