Five Security Questions You Should Be Asking
You should only use platforms that have implemented the best security practices. In 2019 alone, eight cryptocurrency exchanges have been hacked for a total of $123 million, and the account information for over 450,000 people has been stolen in system breaches.
Unfortunately, hacks and breaches have plagued the cryptocurrency space since 2011. And each hack/breach emphasizes the importance of using a secure platform. When it comes to choosing a secure cryptocurrency brokerage or exchange, you should know what the platform does to protect its user’s sensitive information and funds. Here are a few common questions regarding cryptocurrency brokerage and exchange security that you will want to know the answers to before you deposit money into the platform.
What personal identification information does the exchange collect?
You should always be aware of what personal identification information (PII) the platform is collecting and what they are using that data for. Personal identification information is any piece of data that can be used to identify a person; for example, drivers licenses, addresses, passports, email addresses, and phone numbers. If your PII gets into the wrong hands, then the attacker could steal your identity to commit crimes like financial fraud. That being said, you are going to want to know what PII a cryptocurrency platform collects and how they safeguard that information.
At Amplify, we only collect the customer information that is required for KYC/AML compliance purposes, and the data we collect is encrypted when at rest and in transit.
Does the exchange have insurance?
When it comes to using a platform that stores your wealth, you should choose a platform that has insurance. If the platform you use is hacked or breach, you will want safeguards in place that protect your wealth. If an exchange does not have insurance, then it’s user community can be collectively financially impacted if a hack or breach occurs. For example, when Poloniex was hacked in March 2014, every trader with funds on the platform had their balance reduced by 12.3% to cover the costs associated with the hack. Clearly, this is undesirable and in our opinion, unacceptable.
Amplify will have $100 million worth of insured cold storage provided by Llyod’s of London for our BitGo supported coins. This means that Amplify users whose funds are in cold storage are guaranteed their money back in the event of a hack or breach as long as the attack does not result in the theft of over $100 million worth of cryptocurrency from our custodian. Amplify also intends to purchase more insurance as its assets under management grow and to fully insure its hot wallets in the future.
Does the exchange have a custodian or store funds in-house? Does the exchange use cold storage or hot wallets?
Does the exchange store user-funds in-house or with a third-party custodian? In addition, you will want to know if user funds are stored in cold storage or hot wallets — offline wallets or wallets connected to the internet.
When considering in-house solutions vs. third-party custody, third-party custodians tend to be highly reputable, insured, and regulated (qualified) while many in-house solutions are not insured or considered “qualified.”
Most exchanges use a combination of both cold storage and hot wallets. Cold storage to safeguard the lions share of their assets, hot wallets to facilitate quick deposits and withdraws. However, cold storage wallets provide better security than hot wallets. Cold storage wallets can only be hacked or breached if the private keys for the wallet end up in the wrong hands. But hot wallets can be hacked or breached if the database/server that they are kept on has a vulnerability.
Amplify will use BitGo as it’s custodian and Lloyd’s will insure our crypto-assets held at BitGo, starting at $100 million. In addition, Amplify will use hot wallets for its brokerage and exchange. These hot-wallets are for customer convenience, allowing them to receive credit for deposits and access their withdraws quickly. At launch, our hot-wallets won’t have insurance; however, we expect to have an insurance policy in place for the coins and tokens in our hot-wallets by the end of 2020.
What can I do to reduce my attack surface?
Brokerage and exchange users can reduce their risk of being a victim of an account hack or breach. As a platform user, you can not become careless when it comes to protecting your account information. This information gives individuals access to your wealth — and you do not want that to get into the wrong hands. As a brokerage or exchange user, you should make sure your account-login uses two-factor authentication (2FA) and that you frequently update your password.
Amplify users can protect their accounts with 2FA. In addition, Amplify will temporarily freeze an account if there seems to be a suspicious log-in attempt. And of course, Amplify’s customer-support division will be available to help customers if they notice malicious or unauthorized activity happening around their account.
Why You Should Only Use Secure Systems
When it comes to buying and selling a cryptocurrency, you should only trade on secure platforms. Hacks and breaches still occur in the cryptocurrency space, so it is crucial to do all that you can to protect yourself from these attacks. You should only use platforms and services with the best security practices in place when it comes to protecting personal identification information and wealth. Doing this will reduce your chance of being a victim of identity and financial theft.
Our team at Amplify is dedicated to making the buying, selling, and storing of cryptocurrency as safe and secure as can be. Therefore, we have implemented security mechanisms and safeguards across our system that reduces the attack surface as a whole. If you are looking for a cryptocurrency brokerage or exchange that exercises the best security practices in the cryptocurrency space and is dedicated to making sure user personal identification information and wealth are secure, then you are going to want to sign up for Amplify.
