Playing Safe

Tips on how to safeguard your cryptocurrency against fraud and theft.

Illustration by Raj Verma Illustration by Raj Verma

A midst all the bitcoin frenzy, notwithstanding the drastic gyrations in the value of the cryptocurrency, it has become imperative to safeguard it. Because the bitcoin is stored in digital form and there is no central regulator to monitor the currency, one remains exposed to dangers such as fraud, loss of password and malware attacks. There have been instances of exchanges getting shut and, subsequently, millions of investors losing their money. As several investors dabble in cryptocurrencies with little or no knowledge about the risks involved, the finance ministry has put out a word of caution against investing in virtual currencies. It comes after three warnings issued by the Reserve Bank of India.

First, it is important to understand that when you buy bitcoins through an exchange, the ownership of the cryptocurrency lies with the exchange - just the way it does with your broker in a trading account until you transfer it to your demat account. For complete ownership of the bitcoins, you ought to transfer it to a bitcoin wallet so that you don't lose ownership even on account of a fraud.

Sumanth Neppalli, cryptocurrency and blockchain analyst at Zebpay, a bitcoin exchange, says, "When you trade on exchanges your private key remains with the exchange, so they can even spend your bitcoins. Wallets give you the ownership and allow you to control your private keys."

To create a bitcoin wallet, you need a public and private cryptographic key pair (a string of letters and numbers). The public key is an address required when someone wants to send bitcoins to you; and the private key is a secret, alphanumeric password used to spend or send your bitcoins. Simply put, the public key is equivalent to your mobile number when you transfer money through the wallet, while the private key is like your username and password that have to be kept confidential. Here's how to go about choosing the right type of bitcoin wallet:

Hardware Wallets

This is a physical wallet that stores the private keys of a user in a hardware device (like a USB device). It lets you create a digital wallet that can be taken offline when not being used. The purpose is to keep private keys separate from internet-connected devices. In these wallets, the private keys are stored in a protected part of the microcontroller in an encrypted form. To transfer bitcoins, the hardware wallet generates a public address when connected to a computer. One can then send the virtual currency from the exchange to the public address generated. Once it is received, the device can be taken offline.

"You have to keep your wallet key safe; if it gets stolen or lost, you may lose your bitcoins. If you are not technical enough to use these hardware wallets, then you must keep your bitcoin with some reputed exchange as they store their user's bitcoins in cold storage and keep updating their security protocols. But in the second case, exchanges have the full ownership of your bitcoin," says Hesham Rehman, CEO and Co-founder, Bitxoxo, a bitcoin exchange company.

Ledger, Trezor and KeepKey are some of the popular hardware wallets.

Hot and Cold Wallets

Cold wallets operate offline with no access to the Internet, making them immune to online hackers. Hot wallets, on the other hand, are vulnerable to theft because they are always connected to the Internet. Experts suggest keeping small amounts of digital currency in hot wallets when one wants to make purchases, and otherwise storing them in cold wallets.

Sathvik Vishwanath, Co-founder and CEO at Unocoin, advises against storing all your bitcoins in the same wallet; and instead suggests using multiple cold wallets. "At the same time, remembering the key to the wallet is paramount, since that is the only access point to the wallet. For the same reason, it is essential for users to backup and encrypt their wallet," he adds.

It is crucial to encrypt your wallet because unencrypted wallets would reveal the private keys, compromising the security of your bitcoins., Mycelium and Copay are some popular wallet providers to choose from.

Due Diligence

Ashish Agarwal, Founder of Bitsachs, a cryptocurrency trading platform, says, "Investors should check the reputation and the number of downloads of a wallet service provider before deciding to buy from any particular one. A reliable wallet service provider bases the whole procedure of buying and trading of cryptocurrency on blockchain, a distributed public ledger." Wallet service companies follow a systematic procedure to protect your digital currency, including password manager and a two-factor authentication system (2FA).

Experts warn about surreptitious viruses when using these wallets. "Recently, we came across a mobile virus that, once installed on your smartphone, sends all your mobile activity to hackers. These viruses, a by-product of unauthentic apps downloaded on the device, can even bypass the 2FA," Rehman says. So, if you store a large amount of bitcoins, it's best to not use the device for any other purpose except to access your bitcoin wallet.