Everything valuable carries an inherent risk of being lost or stolen. In the case of cryptocurrency, the risk is compounded by the absence of a recourse mechanism. Given the decentralized nature of cryptocurrencies, no authority can help you recover lost Bitcoins or Altcoins.
Safety wasn’t much of an issue when 10,000 Bitcoins were used to buy a pizza in 2010. Today, with Bitcoin safety has become a matter of concern.
Many cases of theft have resulted in billions of dollars’ worth of cryptocurrency being stolen by criminals. The Mt.Gox collapse of 2013 is an event firmly etched in the collective memory of the crypto community. By today’s valuation, it is worth more than US $8 billion! Bitfinex and DAO hacks are two other examples of big crypto thefts.
Understandably, the fear amongst users regarding the safe storage of cryptocurrency is understandable. With more than 47 million crypto wallet users worldwide, the risk is palpable. In this article, we will help you understand the safety concerns with mobile wallets and how you can address them.
The Different Types of Cryptocurrency Wallets
A basic knowledge of different types of wallets is required for understanding the safety of mobile wallets. From cloud-based solutions to offline hardware, a wide range of storage options is available today. The five most common types of wallets are:
- Desktop Wallets – These wallets are installed on a local desktop computer. They enable users to create addresses for sending and receiving cryptocurrency. Exodus, Bitcoin Core, MultiBit, Armory, Hive OS X, Electrum, etc. are a few examples of desktop wallets.
- Web-based Wallets – These are online wallets hosted on third-party servers. Web wallets can be accessed from anywhere using any browser or mobile device. Most coin exchanges, like Binance and Coinbase, provide this service.
- Mobile Wallets – Mobile wallets are apps on mobile devices that allow users to store, receive, and send cryptocurrency. Examples of this type of wallet include Jaxx, BreadWallet, Mycelium, and CoPay.
- Hardware Wallets – These are storage devices not connected to the internet. Private keys are kept offline on secure physical devices. Users must, however, connect the hardware wallet to an online computer to send or receive cryptocurrency. Ledger and Trezor are popular hardware wallet devices.
- Paper wallet – This is essentially a private key printed on a piece of paper in text or QR code format.
A wallet is classified as hot or cold based on its connection to the internet. Desktop, web, and mobile wallets are hot wallets. On the other hand, hardware and paper are considered cold. As the world is moving towards handheld devices, the mobile wallet is a convenient choice for many crypto users.
What Makes Mobile Wallets a Good Option?
A well-designed mobile wallet can perform actions much faster than web or desktop wallets. For example, payments can be made easily by scanning QR codes from anywhere – a functionality not available on desktop wallets. The data is stored locally on the device and can be retrieved even when working offline (although an internet connection would be required to perform transactions).
Some wallets give users the option to create an additional layer of authentication to unlock the app. Device-level security features such as this make mobile wallets slightly better than mobile and desktop wallets in terms of safety. However, it is not 100% foolproof.
How Do You Ensure the Safety of Your Mobile Wallet?
The security of a mobile wallet depends on four things:
- Physical possession of the device
- The software security framework
- The type of login authentication required, and;
- The behavior of the user
User behavior involves the actions of the wallet owner that may make the device and wallet vulnerable to an attack. Following are the most common modes of attack on mobile wallets:
- Aftermarket keyboards – These are third-party software apps disguised as friendly keyboards. However, they may contain keyloggers or spyware that collect your wallet information to send to criminals.
- QR and barcode scanners – Illegitimate third-party scanner apps can collect your QR code when you use it to scan your private key. The information is then shipped to remote servers.
- Evil Twin access points – This is a two-decade-old technique which involves the creation of fraudulent Wi-Fi access points to steal sensitive information like login credentials, private key info, etc.
While the amount of effort used to break into a device varies, Android devices have been found to be more vulnerable to attacks than devices running on iOS. However, regardless of your device, here are a few measures you can implement to guarantee the safety of your mobile wallet:
- Choose a reputed mobile wallet and download it from a credible source
- Avoid using third-party apps. If you have to, make sure they only have as many permissions as necessary to serve the purpose
- Delete the apps you rarely or never use
- When using the wallet, make sure no apps are running in the background
- Turn off all the hardware ports (Bluetooth, NFC, Wi-Fi, etc.) you don’t need during transactions to avoid getting eavesdropped on. Data from your mobile carrier is the safest bet for online transactions
- Losing access to wallets is a real possibility. Creating a back-up of the wallet.dat files or seed phrases is a must. Writing or printing the seed phrase on a piece of paper is also recommended.
- Store only a limited amount of currency on hot wallets for transactions. Keep the rest in a cold wallet. Not doing so may result in losing it all in one go.
Final Thoughts
Above all, the golden rule to crypto security is to stay alert and exercise due caution while transacting online.
The world of cryptocurrency is evolving, and so are mobile wallets. If you have to compromise on a few features, say a fancy UI, for the sake of safety, then do it. What good is a wallet if you don’t have currency to spend? With adequate precaution, mobile wallets can be a safe and efficient method to store and use cryptocurrency.
