What is NFT Technology, and is It Secure?
A non-fungible token (NFT) is a type of cryptocurrency that represents a unique asset, typically digital art or collectibles. NFTs are stored on a blockchain, like Bitcoin or Ethereum, and can be bought, sold, or traded like other cryptocurrencies.
NFTs have become popular in recent months due to their association with digital artworks and games. NFTs have been around for several years, but they gained mainstream attention in 2017 with the release of CryptoKitties, a digital collectible game built on the Ethereum blockchain. Since then, numerous other games and applications have launched that use NFTs to represent in-game items, collectibles, and even real estate. The key feature that makes NFTs so powerful is that they can be used to represent any type of asset imaginable.
Why are NFTs important?
NFTs represent a new way of thinking about ownership and value. Non-fungible tokens (NFTs) are digital assets that are unique and not interchangeable. Unlike cryptocurrencies, which are identical and interchangeable, each NFT is one of a kind. This makes them ideal for representing digital scarcity and ownership.
“Tokenizing” these real-world tangible assets makes buying, selling, and trading them more efficient while reducing the probability of fraud. Source: Investopedia
Besides representing people’ identities and property rights, NFTs may also be used to represent a wide variety of other things.
Are NFTs private and secure?
Although NFTs have been heralded as a breakthrough in digital asset ownership, there are nevertheless some inherent risks involved in their use.
One of the biggest concerns is the lack of security and privacy surrounding NFTs. Because they are stored on a blockchain, NFTs are public information. This means that anyone can view the transaction history of an NFT, including who owns it and when it was purchased. Although crypto wallets are pseudonymous, many exchanges have Know Your Customer rules in place and gather a plethora of additional information about their customers. The major means of avoiding public scrutiny is to adopt obfuscation techniques like as utilizing several wallets for each transaction. Therefore, if a user links an NFT to any aspect of their online or offline identity (for example, by using an NFT as their profile image on Twitter), it becomes trivially straightforward to discover what else their wallet has been up to.
While knowing who purchased which JPEG may not seem like a big concern at first, it becomes more important as crypto enthusiasts promote the use of NFTs for things like house ownership, medical data, and social networking platforms.
In the wrong hands, one wallet — or even a network of wallets that are not appropriately obfuscated — could operate as a large bucket of personal data that can’t be kept secret and can’t be removed from a blockchain.
Additionally, because NFTs are often traded on decentralized exchanges, there is no central authority to provide customer support or intervene in the event of fraud or theft.
In December 2021, artist Waka Flocka Flame discovered that he had a lot of NFTs in his wallet that he had not previously acquired.As immutable, append-only recordings of transactions, tokens that are put into a user’s wallet cannot be simply removed from his or her possession. Rather, they must be “burned,” as the expression goes. “Burning” is a kind of transaction in which an NFT (or any other token) is moved to an address that no one controls and that can’t be retrieved, thereby rendering it unrecoverable.
Every non-financial transaction is controlled by a “smart contract.” These contracts are simply little containers for code, in which developers may place small applets to demonstrate their skills. This is what makes things like royalty payments possible, but the code included inside it might be anything, including deceptive frauds or even malicious software (malware).
As such, users of NFTs must be vigilant about ensuring the safety and security of their assets.
What are NFT risks?
There is always a risk of fraud with any type of investment, and NFTs are no exception. As with any other type of investment, it’s important to do your research before buying into any scheme, and to be aware of the risks involved. When it comes to non-fungible tokens (NFTs), there are a few key weaknesses to be aware of.
First and foremost, NFTs lack security and privacy which we addressed previously. Unlike traditional fiat currencies or even cryptocurrencies, NFTs are not backed by any central authority or protected by cryptography. This means that NFTs are vulnerable to hacks, fraud, and theft. Additionally, because NFTs are stored on decentralized networks, there is no guarantee of their privacy, safety or security.
Another key weakness of NFTs is their lack of liquidity. Unlike traditional investments such as stocks or bonds, which can be easily bought and sold on secondary markets, NFTs cannot be traded freely.
Biggest NFT Scams
Fraudulent schemes involving non-fungible tokens (NFTs) are becoming more common, as the popularity of this new technology grows. While there are many legitimate uses for NFTs, scammers are using them to prey on unsuspecting investors.
The biggest NFT scams are multi-level marketing schemes, in which people are promised large profits for recruiting others into the scheme. These schemes often promise participants that they can quit their jobs and live luxurious lifestyles thanks to the income from their NFT investments. However, most participants lose money in these schemes, and the vast majority of earnings go to those at the top of the pyramid.
One of the most common scams is known as an “NFT Ponzi scheme.” This type of fraud involves promising investors high returns from buying and selling NFTs. However, instead of using the funds to buy actual NFTs, the scammer keeps the money for themselves. Eventually, when enough people have been scammed, the scheme collapses and everyone loses their money.
That said, there are a number of measures that can be taken to help reduce the risk of fraud, including:
- Only investing in established, reputable companies
- Checking for the presence of security features
- Reviewing the company’s terms and conditions carefully before signing up
- Never revealing your private keys to anyone else
- Enabling two-factor authentication on all your online accesses
Personally, I believe that there is a lack of security and privacy when it comes to NFTs. This is because anyone who has your private key (usually not well secured by users) can access your NFTs and view the transaction data associated with them. Additionally, because NFTs are stored on blockchain networks, they are typically publically viewable — meaning that anyone can see what you own or have purchased.
This lack of security and privacy is a major concern for many people, myself included.
Follow Magda on Twitter: https://twitter.com/m49D4ch3lly
By Magda Chelly
Chief Security Officer | TEDx Talk | Author & Keynote Speaker | IFSEC Global Top 20 Cybersecurity Influencer | Entrepreneur | PhD, S-CISO, CISSP, Cert SCI (General Insurance)
Find out on magda-on-cyber.com
Awards
- The IFSEC Global influencers in security and fire 2021
- Top Women in Security Asean Region 2021 Awards https://www.asiapacificsecuritymagazine.com/winners-and-judges-of-the-top-women-in-security-asean-region-2021-awards/
Follow Magda on her Social Media Accounts:
- LinkedIn: https://www.linkedin.com/in/m49d4ch3lly
- Twitter: https://twitter.com/m49D4ch3lly
- Facebook: https://www.facebook.com/m49d4ch3ly
- Instagram: https://www.instagram.com/m49d4ch3lly
