With the astronomical rise in fraud in the crypto space, it is now more important than ever for digital wallets to enact real time fraud prevention measures. Once a breach occurs, digital wallets can be drained of all their crypto in minutes and very few reliable measures of recovery exist. Investors need to balance convenience and security when deciding which digital wallet to use.
What is a Crypto Digital Wallet?
A digital wallet is a web-based or hardware based means of accessing one’s crypto currency, like bitcoin, and making transactions. The digital wallet does not actually store the crypto (that lives on the blockchain), instead it allows the crypto holder to access their coins.
What the digital wallet holds is the crypto owner’s private key, this allows them to access their crypto and make transactions. The digital wallet private key is typically a long passcode that the user stores and enters to prove their identity as the owner of the digital wallet.
Three Types of Crypto Digital Wallets
A paper wallet is simply a piece of paper with the seed phrase access passcode for the private key written on it which corresponds to an invoice address. In the early days of crypto, this was the primary method for an investor to access their bitcoin. This type of digital wallet provides the highest level of anonymity for crypto investors and only takes up the space of a piece of paper.
Some security issues with a paper wallet are fairly self-evident. Ink can be smudged or a piece of paper can be lost or destroyed fairly easily. Other issues are less obvious. For example, if the crypto holder is using a printer on an unsecured printer network to print their paper digital wallet it could be compromised by hackers.
Industry experts everywhere agree that paper digital wallets are a dated and highly risky means of accessing crypto and other methods should be used.
Hardware wallets are external hardware devices, like a USB stick, that stores the user’s crypto private key. Hardware digital wallets offer many more security and fraud prevention features than a paper wallet.
For example, private keys cannot be removed from the wallet using plain text and are stored securely in the microcontroller area. Hardware wallets are also impervious to the viruses that plague software wallets.
While hardware wallets offer some strong fraud prevention measures, they are not bulletproof. For example, malware could be present on the user’s computer that monitors for high value transactions, it could then change the delivery address of the crypto transfer and redirect the funds into the hands of a fraudster. Implementing multi factor authentication (MFA), like LoginID’s transaction confirmation with digital signature, for all transactions can prevent this type of malware scam.
Again, like with paper wallets, losing a hardware wallet is a serious risk especially if you then forget the passcode to recover the private key. There’s a famous story of a UK man who lost $280M in bitcoin doing exactly this.
Software wallets are apps or another piece of software that stores a user’s private key. Software wallets are convenient to use since there’s no piece of paper or hardware device to carry around. There are a multitude of software wallets currently available in the market, however, when it comes to security, many are experiencing fraud issues.
Over 11,000 complaints have been filed with the Federal Trade Commission (FTC) against Coinbase, a major crypto exchange and digital wallet provider, surrounding fraud related losses and poor customer service responses. The primary cause of these losses is believed to be due to SIM Swap attacks.
A SIM swap attack occurs when a fraudster tricks the phone company into giving them access to their target's SIM card. They then use this SIM card to intercept one-time passwords and use those passwords to access the victims digital wallet and steal their funds.
Protecting Your Digital Wallet
With both hardware and software wallets, the primary security vulnerability is single factor authentication and even more so when that factor is a password. By instituting a multifactor authentication solution like LoginID’s FIDO2 passwordless authentication platform digital wallets can prevent SIM Swap attacks.
The FIDO2 protocol operates using private key cryptography. At registration, the end user generates a private key that is tied to their biometric using their device’s native biometric mechanism like a fingerprint or face scan (a PIN can also be used). The private key remains in the secure area of the device, never leaving. In the case of Apple, that would be the secure enclave. That FIDO2 private key would then be used to unlock their crypto private key instead of a password.
This same process can be used to confirm a crypto transfer, prompting the user to input their biometric before any crypto is moved. It would be incredibly difficult for a fraudster to be able to provide a user’s biometric from their stolen device. They would much more likely target someone’s password via a SIM Swap.
With the proper fraud prevention measures in place, digital wallets can be quite secure for crypto.
LoginID has you covered with multiple SDKs and APIs that can be easily integrated to add passwordless authentication and transaction confirmation to your digital wallet. Developers click here to view our documentation.