All You Need to Know About the Secure Wallet’s Security

ECOMI
Mar 6, 2018 · 7 min read

So you know the difference between hot and cold storage methods. And you know that to protect your investments you need to protect your private keys. Now it’s time to understand exactly how the Secure Wallet’s security features keep your assets safe, and exactly what sets it apart from other cold storage devices on the market.

Security Features at a Glance

If you haven’t glimpsed the Secure Wallet yet, there are a few key design features that improve its overall security (we’ll go into more detail below).

  1. The Secure Wallet is the same size and thickness as a credit card, making it ultra-portable, and giving you the option to keep it on you or to store it in a secure location.
  2. Completely wireless interaction, preventing cyber-attacks and malware from compromised devices.
  3. CC EAL5+ certified: the highest security standard for government level deployments.
  4. Encrypted Bluetooth connectivity.
  5. The only cold wallet available with a one-time-password generation feature.
  6. Users must physically press the built-in confirmation button to confirm any transaction that sends cryptocurrency off the Secure Wallet.
  7. Seed generation and recovery phrase (to recover your assets if you lose your wallet, your phone, or both)

So how do the components of the Secure Wallet security interact to bring you the safest cold storage wallet available?

The Secure Element

The main function of the Secure Wallet’s security measures is to keep your private keys safe. In fact, by using the companion app and physically approving all transactions leaving the wallet, the private keys are never exposed, nor do they ever leave the secure element (microchip).

This chip, the SmartMX™ secure element (SE), is a state-of-the-art security crypto-controller. It is designed specifically for high-performance security chip card management and applications. This allows for contactless interactions and multi-factor authentication requirements. Without going too deep, some of the SE’s characteristics include:

  • SmartMX™ high security micro-controller IC secure element
  • Security certified according to CC EAL5+
  • Data retention time: 25 years
  • Endurance: 500 000 cycles minimum
  • Interfaces:
    - Contact interface according to ISO/IEC 7816
    - Contactless interface according to ISO/IEC 14443 A
  • Voltage class: C, B, and A (1.62 to 5.5 V)
  • Memory Management Unit (MMU)
  • High-speed 3-DES coprocessor (64-bit parallel)
  • High-speed AES coprocessor (128-bit parallel)
  • PKI (RSA, ECC) coprocessor FameXE (32-bit parallel)

Don’t worry too much if you don’t understand these functions. The main takeaway from the secure element is to understand that it is impenetrable. By implementing Bitcoin’s ECDSA algorithm with the secp256k1 parameter, the element can generate keys and digitally sign transactions without the private keys ever leaving the chip.

Connectivity and Hosting

One unique feature of the Secure Wallet’s security is the ability to interact with it wirelessly. This makes the wallet exceptional in that it is the only true cold storage device available, removing any potential threats from wiring it directly to a laptop or phone. It does this via an encrypted Bluetooth connector and Bluetooth Low Energy interface.

Whilst the connection is secure, we have also taken into account the need to securely register and pair a device. For this example we’ll use your Apple or Android smartphone. We call this becoming a ‘host’ of the Secure Wallet. For this to occur:

  • You install the ECOMI App.
  • Select the Secure Wallet as the device to connect. In doing so you provide your device’s UUID (universally unique identifier) to the Secure Wallet (this is how Bluetooth connections work).
  • The Secure Wallet will generate a 6-digit one-time-password and display it on the e-paper display screen on the wallet.
  • This is then entered into your smartphone, which generates the device key and pairs the devices.

On the surface, connecting and instantaneously applying the Secure Wallet’s Security is as simple as pairing a device. However, behind the scenes, a challenge-response mechanism is also at play to confirm that both the UUID and one-time-password match. If there are any discrepancies the devices will not pair.
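A sketch of the challenge-response check described above, as an added example and not ECOMI's code. The page does not specify the construction, so the PBKDF2 key derivation, HMAC-SHA256 response, attempt limit, `HOST_UUID` value and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

HOST_UUID = "00000000-0000-4000-8000-000000000001"  # constructed sample value
MAX_ATTEMPTS = 3  # assumption: a 6-digit code has only 10**6 values, so cap guesses


def derive_device_key(otp: str, host_uuid: str) -> bytes:
    """Bind the key to both values, so a mismatch in either one changes it."""
    return hashlib.pbkdf2_hmac("sha256", otp.encode(), host_uuid.encode(), 100_000)


def respond(device_key: bytes, challenge: bytes) -> bytes:
    """Prove knowledge of the device key without sending the key or the OTP."""
    return hmac.new(device_key, challenge, hashlib.sha256).digest()


class Wallet:
    """Constructed model of the wallet side of pairing."""

    def __init__(self, host_uuid: str):
        self.host_uuid = host_uuid  # UUID the phone announced when connecting
        self.otp = f"{secrets.randbelow(10**6):06d}"  # shown on the e-paper screen
        self.failures = 0
        self.challenge = None

    def new_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(32)  # fresh nonce prevents replay
        return self.challenge

    def verify(self, response: bytes) -> bool:
        if self.otp is None or self.challenge is None:
            return False
        key = derive_device_key(self.otp, self.host_uuid)
        ok = hmac.compare_digest(respond(key, self.challenge), response)
        self.challenge = None  # each challenge is single use
        self.failures += 0 if ok else 1
        if ok or self.failures >= MAX_ATTEMPTS:
            self.otp = None  # one-time: consumed on success or lockout
        return ok


def pair(wallet: Wallet, host_uuid: str, typed_otp: str) -> bool:
    """Phone side: derive the device key from what the user typed, then answer."""
    challenge = wallet.new_challenge()
    key = derive_device_key(typed_otp, host_uuid)
    return wallet.verify(respond(key, challenge))
```
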

Can I Connect More Than One Device?

The Secure Wallet’s security is equipped to simultaneously host 3 devices. When you connect to the Secure Wallet for the first time, there are no risks to security as there are no private keys stored on the wallet. In order to connect additional devices, however, they must be approved by an already activated/approved host.

Hierarchical Deterministic Keys

One function of the Secure Wallet’s security is the ability to generate Hierarchical deterministic keys (HD keys). Before we dive too deep, however, we need to understand a couple of things:

  • HD keys are a type of deterministic wallet, which uses a ‘seed’ to allow for the generation of child keys from a parent key. The seed can be a string of words or numbers.
  • The relationship (chain of code) between the parent and child keys is invisible to anyone/anything without the original seed. HD keys are primarily used to simplify wallet backups, as you only ever need the original seed to generate an infinite number of child keys. In this way, if you lose your Secure Wallet, you can regenerate the child keys using your parent key, and regain access to your individual wallets and assets.
  • The mnemonic phrase (seed). In cryptography, this is typically a 12–24-word phrase of random words strung together. This phrase is then used to generate the seed, and as a backup to recover your private key.
  • The master node: where your private keys are stored.

Figure: An example ‘seed phrase’ with accompanying QR code

The issue with using a hot wallet is that your mnemonic phrase, the seed that gives access to your private keys, can be compromised simply by using a screen capture virus. In contrast, the Secure Wallet’s security measures circumvent this issue by allowing you to generate a number-style mnemonic phrase on the ECOMI app.

This string of numbers is converted into a string of words displayed on the e-paper screen for you to record, and to enter into the ECOMI app to confirm you have it recorded correctly. Subsequently, the Secure Wallet will generate the master node entirely within the device’s secure element, ensuring that your private keys can never be compromised. In order to recover your device, the process is reversed. Your mnemonic (word) phrase is converted into a string of numbers, which are confirmed by the Secure Wallet’s security functions, allowing you to regain access to your parent and child keys.
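An added example, not ECOMI's code, of why the recorded phrase alone is enough to rebuild the same keys. The page does not name its derivation scheme, so this assumes the standard BIP39 (phrase to seed) and BIP32 (seed to master node, then hardened child) constructions over secp256k1; wordlist and checksum validation are omitted, and `TEST_PHRASE` is the public BIP39 test phrase.

```python
import hashlib
import hmac
import unicodedata

# Order of the secp256k1 group (a public curve parameter).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
HARDENED = 0x80000000
# Public BIP39 test phrase; never use it to hold funds.
TEST_PHRASE = "abandon " * 11 + "about"


def mnemonic_to_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP39: stretch the word phrase into a 64-byte seed."""
    words = unicodedata.normalize("NFKD", mnemonic).encode()
    salt = unicodedata.normalize("NFKD", "mnemonic" + passphrase).encode()
    return hashlib.pbkdf2_hmac("sha512", words, salt, 2048)


def master_node(seed: bytes):
    """BIP32: split one HMAC-SHA512 output into (private key, chain code)."""
    digest = hmac.new(b"Bitcoin seed", seed, hashlib.sha512).digest()
    key = int.from_bytes(digest[:32], "big")
    if key == 0 or key >= N:
        raise ValueError("invalid master key; use a different seed")
    return digest[:32], digest[32:]


def hardened_child(parent_key: bytes, chain_code: bytes, index: int):
    """BIP32 hardened derivation: only the parent private key can compute it."""
    data = b"\x00" + parent_key + (index | HARDENED).to_bytes(4, "big")
    digest = hmac.new(chain_code, data, hashlib.sha512).digest()
    tweak = int.from_bytes(digest[:32], "big")
    child = (tweak + int.from_bytes(parent_key, "big")) % N
    if tweak >= N or child == 0:
        raise ValueError("invalid child; use the next index")
    return child.to_bytes(32, "big"), digest[32:]


def recover(mnemonic: str, account: int = 0):
    """Lost device: the phrase alone rebuilds the same child key."""
    key, chain = master_node(mnemonic_to_seed(mnemonic))
    return hardened_child(key, chain, account)
```

Every step is deterministic, so anyone who reads the phrase can run the same derivation; keeping the phrase off networked screens and the master node inside the secure element is what protects the keys.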

Confirming Transactions and Updates

The key to the Secure Wallet’s security lies in the need for user interaction to confirm transactions. Whereas viruses or malware may attack hot wallets or wired cold storage devices, the Secure Wallet circumvents this with the following security policies:

  1. It displays the receiver’s address on the e-paper screen. This prevents any tampering with the destination and allows the user to visually confirm it.
  2. The Secure Wallet requires you to physically interact with it in order to sign and approve any transaction. That is to say, for any transaction to leave the device you have to confirm it by pressing the red button. Without this direct interaction, no assets can be released from the Secure Wallet.

The Secure Wallet’s security and firmware can also be updated over-the-air. This means that as new currencies, forks, and security updates become available, the device can be instantly updated through the ECOMI app. This is done through an encrypted loader key, which, once validated and decrypted, will update your cold storage device.

By maintaining truly wireless connectivity, as well as the ability to generate master nodes within the Secure Wallet, it is easy to see why it is the most secure cold storage device available. The Secure Wallet’s security features have been designed and developed with you, the user, in mind. By allowing you to seamlessly create and encrypt private keys, as well as securely storing them, the team at ECOMI has created a unique, user-friendly and ultra-secure cold storage device.

For more information check out our online store or join us on Telegram!

About ECOMI

ECOMI is a technology company based in Singapore and is leading the way in the emerging digital collectibles space. ECOMI offers a one-stop-shop for digital collectibles through the ECOMI Collect app bringing pop culture and entertainment into the 21st century.

The Collect app allows users to experience true ownership of premium digital collectibles. Through the app marketplace, users can obtain common, rare, or one-of-a-kind digital collectibles, share these across the social network service, and exchange them with the Collect community, all from the palm of their hand.

ECOMI sees digital collectibles as a new asset class which offers intellectual property owners the opportunity for new revenue streams in the digital landscape. Digital streaming, gaming, and in-app purchasing have become a multibillion-dollar market and the next to join this digital trend is the pop culture and collectibles industry.

For more information please see the ECOMI Collect Whitepaper or join the community on Telegram, Twitter and Facebook.
