Cryptocurrency exchange security is an incredibly vital component of the digital asset ecosystem. We might even venture to say that they are the most important aspect of the ecosystem bar none. Why is it, then, that crypto exchanges are continually being hacked?
The reason is that hackers are becoming increasingly sophisticated and, because operating a crypto exchange is big business, many amateur operators get into the game without adequate tools to combat the villains. There are countless cryptocurrency exchanges, and as recent audits have shown, many of them are far out of touch when it comes to basic security practices.
You’re probably (rightfully) wondering whether there are any secure cryptocurrency exchanges out there. The short answer is yes, but that answers shifts around all of the time as exchanges that seemed perfectly safe get hacked. A perfect example of this is Binance, the world’s preferred crypto exchange – it was recently hacked for over $40 million in BTC.
How Are Exchanges Secured?
There are of course many technologies and methods available for securing cryptocurrency exchanges, but for economic and intellectual shortsightedness, many exchanges decline to make use of them. Of the strategies exchanges have at their disposal is the use of hot and cold wallets.
Hot wallets refer to exchange wallets that are connected to the internet or are network-accessible. These wallets represent the biggest risk an exchange can take because, since the wallets are generally online, it’s always possible for a hacker to effectively target them. That’s happened in several notable hacks including the infamous Coincheck Exchange hack in which thieves made off with over $500 million in cryptocurrency.
Cold wallets, in contrast, are physical wallets stored offline. When digital assets are stored in cold wallets, it is impossible for hackers to get to them. The only way to steal from a cold wallet is to apprehend the wallet in person and coerce its owners into giving you the password. So, considering that, cold wallets are the most ironclad type of security available for digital asset storage.
The problem is that many exchanges opt to keep large amounts of digital assets in hot wallets rather than store the majority of them in cold wallets. Some exchanges strike a fine balance between the two. Binance, for instance, only keeps anywhere from 5–10% of assets stored in hot wallets at any given time.
Should I Leave My Funds on the Exchange?
Leaving your funds in an exchange wallet is considered by many to be a dangerous practice. The truth is, it depends greatly on the exchange you’re using. Keeping your funds on a little known and definitely shady exchange is most definitely a terrible idea. However, keeping your funds on a reputable and FDIC insured exchanged like Coinbase shouldn’t be a problem at all.
If the exchange you’re using is secured by a regulated insurance agency like the FDIC or has its own protective measures, then the risk assumed by storing your digital assets there is low.
Take Binance as an example. Recently, hackers made off with over 7,000 BTC from high net worth wallets. Luckily, Binance makes use of an in-house insurance policy against such events called SAFU. The SAFU fund takes a portion of the exchange’s profits and keeps them waiting in the event a hack or other unforeseen loss of assets takes place. When it does, as it did last week, Binance covers the loss with SAFU funds so that its users don’t lose anything at all.
Which Exchanges Are the Most Secure?
Of the hundreds of cryptocurrency exchanges currently online and operational, only 16% were given an ‘A’ in a recent marketwide audit. Kraken, Robinhood, Poloniex, BitMEX, Coinbase, HitBTC, Binance, Gemini, and Huobi all rank amongst the most secure exchanges in the cryptocurrency realm.
However, just because an exchange is graded highly doesn’t mean that it is permanently secure. Hackers are becoming increasingly sophisticated and are often more technically capable than the developers tasked with building digital asset exchange security systems. Because of that, trusting exchanges to be permanently secure can be a misstep you’ll regret taking.
Cryptopia, for example, is ranked in the top 60 cryptocurrency exchanges, but it has fallen victim to significant hacks throughout its history. Exchanges that have never suffered a hack, such as Gemini or Huobi, are ranked much lower than Cryptopia and Binance.
Therefore it is best to take exchange rankings with a grain of salt and an extra helping of skepticism. Do your own research into an exchange’s security policies and avoid them at all costs if they don’t employ cold storage for their digital assets.