Is Coinbase Safe?
If you’re going to deal and trade in cryptocurrencies, you want to use a digital wallet and platform that will keep your details and your money safe. Currently valued at more than $1.5 billion, Coinbase seems to be one of the more popular platforms out there. But, is Coinbase safe?
What Is Coinbase?
Coinbase is a platform that allows you to trade digital currencies, such as Bitcoin and Ether. According to Investopedia, the platform is a global digital asset exchange (GDAX) that provides a place where people can buy and sell digital currencies, and that communicates with the blockchain to confirm transactions.
Along with letting you buy and sell digital currencies, Coinbase acts as a digital wallet, giving you a place to store any currency you purchase.
According to Brian Armstrong, the CEO and co-founder of Coinbase, the company’s mission to open up the financial system. He compares the opening of the global financial system to the opening of information provided by online publishing. With digital currencies and GDAX platforms, the hope is that there will be more opportunity, greater freedom and more innovative.
Armstrong outlines a four step process that will create the network effect needed to establish a new, open financial system.
- Create a retail exchange where consumers can easily invest in Bitcoin and other digital currencies. The exchange will be easy enough for even the least “techy” of people to use and will offer convenient payment options.
- Encourage financial institutions and professional traders to use the platform, to increase liquidity and growth of trading volumes. In answer to the question, is Coinbase safe? The company will use security methods and compliance measures to encourage larger investors.
- Build a mass market, consumer interface so that people can use digital currency to pay for things. Armstrong describes this as digital currency’s “Netscape moment,” meaning it will be the time when digital currency trading and use reaches critical mass and is broadly used by all types of people.
- Create new applications or invest in and partner with others who are making digital currency apps, in particular, replacements for the products and services people currently use, such as fundraising platforms, lending platforms, escrow accounts, venture capital and merchant processing.
Coinbase launched in 2012. In August of 2017, it raised $100 million in series D funding, Business Insider reported, putting its total value at $1.6 billion. It is currently available in 32 countries and has 9 million customers. According to Fortune, Coinbase’s customers store a total of $3 billion on the platform and have so far traded $25 billion on the retail brokerage and the GDAX.
Coinbase also as a reputation for being one of the most secure digital currency platforms out there. According to Fortune, it has never been hacked. That’s a remarkable contrast from other digital currency exchanges.
For example, in 2014, Tokyo-based Mt. Gox had to file for bankruptcy after hackers stole $460 million from it. In 2016, Bitfinex, based in Hong Kong, had to suspend operations after hackers stole $72 million (about 120,000 units of Bitcoin and other digital currency).
How Safe Is Coinbase?
In many ways, cryptocurrency is particularly appealing to hackers and criminals. Bloomberg reported that there is a 1 in 10 chance a person who participated in digital currency trading will end up the victim of theft.
One reason for that is that has to do with the very nature of digital or crypto currency. Transactions made with Bitcoin and other digital currencies are irreversible. Once someone trades or sells the currency, there’s no going back.
With fiat currency (like US dollars or British pounds), a central bank or government can step in and prevent a seedy transaction from occurring. If you’ve ever had someone swipe your debit card and use it to drain your bank account, you know that you can get most, if not all, of your money back by reporting the crime. You don’t get money back when someone steals your Bitcoin.
So, the question remains, is Coinbase safe? Fortunately, the platform takes several steps to protect itself and to protect the people who use it. Although the platform as a whole hasn’t been the victim of large scale theft the way Bitfinex and Mt. Gox were, several individuals on Coinbase have had their accounts broken into, according to Fortune.
That theft occurs on the individual level and not on the platform as a whole suggests that the security measures Coinbase has in place are working. It also suggests that if you want to use the platform, you should take additional steps to protect your money and your identity.
Here’s what Coinbase does to make itself more secure:
Funds Stored Offline
Coinbase storages the vast majority of customer funds – 98 percent – offline. Often known as cold storage, it’s a process that involves transferring the bitcoins or digital currency from the platform to a separate, physical location, such as a safe deposit box or a vault.
In the case of Coinbase, currency stored offline is distributed geographically, in safe deposit boxes and vaults around the world.
There are several ways to store funds offline. Common tactics include:
- Writing the amount of currency on a piece of paper.
- Transferring the currency to a flash drive or other physical storage device.
- Transferring the currency to a physical hardware wallet.
- Storing the currency on a physical Bitcoin.
Storing funds offline isn’t a failsafe method for protecting customer’s investments. But combining offline storage options with a secure location, such as a vault or safe deposit box, increases the security.
Coinbase uses a combination of drives and paper backups to distribute financial data to physical locations around the world. Along with storing funds offline, the platform also stores any sensitive information in an offline location. Any information that might usually be stored on a server is instead stored offline.
AES-256 Bit Encryption
All data that are shared on Coinbase are stored using AES-256 bit encryption. That includes data that are copied onto paper backups or flash drives and personal information such as your wallet and private keys.
AES, or advanced encryption system, is available in three forms. AES-256 is the most secure since it uses keys that are 256 bits long and that contain 14 hashes. The length of the key and the number of hashes make it very difficult, if not impossible for hackers to break into a system that uses AES-256 bit encryption with a dictionary attack, according to Smartbear.
As Techopedia puts it, a hacker trying to break into a message or file that’s encrypted using AES-256 will need 2^256 (1.1579209e+77) different combinations to crack it.
Secure Socket Layer (HTTPS)
Coinbase’s website traffic runs over encrypted secure socket layer (SSL) (Https). SSL is a standard that keeps the connection between the server and browser secure. Any sensitive information that is sent between browser and server is first encrypted so that any hackers who might intercept the information is unable to read it.
One way to verify that a website is protected by SSL is to check out the URL (website address). Secure sites will have “https://” rather than “http://” at the beginning of the URL.
Another way that Coinbase keeps your information secure is through the use of 2-step verification, also known as two-factor authentication. With 2-step verification, signing in to your account is a multi-step, multi-device process.
First, you’ll enter your username and password on the website’s log-in page. Once your username and password are verified, the platform sends a separate message to your smartphone, as a text message.
To get access to your account, you’ll need to type in the unique code that was sent to your smartphone.
Two-step verification provides that extra layer of security because it requires you to know the right information and have the right device with you. A hacker can easily break into your account with a username and password, especially if you have a lousy password. But it’s less likely that a hacker will first steal your phone then figure out your password.
A platform such as Coinbase is only as good and trustworthy as the people who work for it. When answering the question “is Coinbase secure?” it’s important to look at the policies the company has in place for hiring employees.
Each employee hired by Coinbase needs to pass a criminal background check first. That reduces the likelihood of the company hiring someone who will set out to defraud the company and its customers.
Once a person begins working at Coinbase, he or she needs to follow strict rules to protect the security of the company’s information. Hard drives need to encrypted, and screens need to be locked when left unattended. Employees are required to use strong passwords to keep others from gaining unauthorized access to their accounts.
Other Ways Coinbase Keeps Your Data Secure
Coinbase uses many other practices to protect the information and data of its customers. Those methods include:
- Checking for strong passwords when a new user creates an account and on password reset.
- Hashing passwords stored in the database.
- Rate limiting certain actions, such as login attempts (i.e., if you put your password in incorrectly too many times, the system will lock you out).
- Storing login credentials separately from the codebase and database.
Should I Use a Credit Card with Coinbase?
You have a variety of options when it comes to purchasing Bitcoin or other digital currencies on Coinbase. In the US, you can use a credit card, debit card, bank wire or bank transfer to deposit money into your account.
Using a credit card with Coinbase has several advantages over the other methods, even if you are nervous about storing your credit card details online. One of the biggest advantages of using a credit card is that you technically aren’t using your own money.
If your Coinbase account is compromised and someone gets access to your credit, he or she can use the card, but you won’t immediately lose anything. In contrast, if a hacker gets access to your bank account information or your debit card number, he or she can quickly drain the account.
Although your bank or debit card company will likely refund most of the stolen money, you’ll still be left to survive in the days or weeks it takes the refund to process without access to your cash.
Your financial responsibility in the event of fraud is also lower if you use a credit card versus a bank account or debit card. If you are the victim of theft or fraud, you’re responsible for $50 at the most when you use a credit card, according to CNN. But if someone steals your debit card, you could be on the hook for up to $500.
Coinbase Security Tips
How secure is Coinbase? While the company goes above and beyond to protect your money and your information, some of the burden of security falls on you. Fortunately, there are many ways you can protect yourself when using the platform.
Step one is to make a good password. Some passwords are way too easy to guess, especially if a hacker is usually a program to crack passwords. A strong password will contain a mix of uppercase letters, lowercase letters, and numbers. It won’t be a word that you can look up in the dictionary and it won’t be your last name, your mom’s name or one of the names of your kids.
Step two is to be careful about how you access your account. Don’t provide your username and password to sites when you’re browsing over public, unsecured WiFi. It’s just way too easy for someone to intercept your information if you do that. Stick to secure, private networks or your smartphone’s data connection.
Step three is to be wary of any messages or emails you get claiming to be from Coinbase. If you get a message that asks for your password or asks you to click through and provide your details, don’t. Only deal with the platform by typing its URL into your browser or directly through the app on your phone