Bitcoin security

“Bitcoin? I don’t know, it just doesn’t seem safe.”

With the sophistication of modern global financial services, particularly in countries with established banking and payment networks, little thought is often given to whether a particular payment will be processed correctly or if funds in a bank account will remain secure. It’s expected, and often taken for granted that money paid for a purchase will arrive at its destination and that your savings will be there when you need it.

Unfortunately the perception today is that the same cannot be said about bitcoin, that it is somehow far riskier than traditional currencies.

The reality is quite different.

This page will discuss the basics of how you, and the right bitcoin wallet, can help ensure your bitcoins always remain secure. (For a general introduction to bitcoin, click here.)

First, think of bitcoin like cash [almost]

As a first step in understanding how best to secure your bitcoins, it’s useful to think of bitcoin in many ways as similar to cash.

Real-time transactions

Like cash, bitcoin payments between two parties are facilitated almost instantaneously. Just like handing a bartender a $20 bill, once you’ve sent bitcoins from your wallet to a friend’s, that money is withdrawn from your account and directly deposited in theirs. There’s no need to wait multiple days for your bank or credit card company to clear the transaction and make the deposit.

In fact, the only distinction between transactions in cash and bitcoin is that it’s essentially impossible to counterfeit bitcoin. When you pay for something with a paper note, you can usually be relatively sure you’re using valid currency, given its unique serial number, raised print and, most often, a complex rendering of a long since deceased head of state. Bitcoin payments, in contrast, are each validated against bitcoin’s central transaction database, the “block chain”, before ever reaching a recipient’s wallet. This ensures that the funds being sent haven’t already been spent somewhere else and that the recipient receives exactly the amount they’re owed.

No refund mechanism

Another way in which bitcoin is like cash, is that once a payment has been sent there is no mechanism for triggering a refund. Since bitcoin is a peer-to-peer currency, once it leaves your wallet it is out of your, or anyone else’s control. For this reason, it’s incredibly important that if you’re using bitcoin for a purchase, you trust that the vendor will deliver the goods and services you’ve purchased, once they receive your funds. Unlike a credit card, for example, there is no ability to dispute a transaction after the fact, if you never receive your purchase.

They call them private keys for a reason

When you pay for something with a bitcoin, you’re required to provide a password or “private key” to prove you’re that bitcoin’s rightful owner. A private key is a long, predetermined series of letters and numbers that is used to validate every bitcoin purchase. And while this is an important security feature, it’s important to note that should you somehow lose track of a private key, whether by mistakenly throwing out the paper you wrote it down on, or having it stolen off your laptop by a hacker, there is no way to get it back. That bitcoin, like if you lost your wallet, is gone.

Just like it’s probably not a great idea to keep your life savings in a shoebox under your bed, it’s equally ill advised to keep your bitcoin private keys anywhere they can be easily lost, damaged or stolen.

So how can you protect your bitcoins against loss or theft, while keeping funds on hand for daily purchases and payments?

Pay with a bitcoin wallet

Most bitcoin holders choose to use a digital bitcoin wallet, like Xapo, to manage their bitcoin finances. Using a smartphone bitcoin wallet app, you can easily view your bitcoin balance, make secure online and in-store bitcoin purchases, and send bitcoins to friends and family anywhere around the world.

A bitcoin wallet holds your secret bitcoin private keys, the unique passwords needed to spend or send your bitcoins. When you make a purchase, via your bitcoin wallet, a secure cryptographic signature links your wallet and your private keys, proving your ownership of and right to spend those bitcoins.

Just as internet-connected bitcoin wallets facilitate fast and easy transactions, they also present a variety of security concerns. However, just as you take precautions to safeguard your physical wallet, there are steps you can take to ensure your bitcoin wallet remains secure.

Choose a trusted wallet provider

As some recent wallet breeches have demonstrated, there are many bitcoin wallets on the market today, with varying levels of security. Selecting one of the industry’s trusted, secure, insured wallet providers, like Xapo, helps ensure your bitcoins will be stored safely, and thoroughly protected against loss or theft.

Use a secure password

Though it may seem obvious, your password is your first and best line of defense in protecting your bitcoin wallet. Security experts recommend using a password that contains a mix of letters, numbers, and punctuation marks, ideally over 16 characters long. This ensures your password is nearly impossible to guess and highly difficult for a criminal to hack. Enabling second-factor authorization, wherein a code sent to your mobile device must be used to approve transactions and changes to your account, is also beneficial in increasing your wallet’s security.

In addition, depending on the type of wallet you use, there may be limited options for retrieving a forgotten password, so ensure that you can either remember it, or you keep it written down in a safe place, like a physical vault.

Keep only small amounts for daily use

No one (hopefully) walks around on a daily basis with thousands of dollars in cash in their pocket. We generally deem this to be foolish, as it potentially heightens the risk and cost of either losing your wallet or having it stolen.

In a similar fashion, you should use your bitcoin wallet to keep only the funds you might use for daily transactions, like buying a cup of coffee or paying a friend for movie tickets.

So then, what should you do with all the bitcoins you own that you don’t plan on immediately using?

Secure your savings with a bitcoin vault

A bitcoin vault, much like a vault in a bank, is a highly secure location for storing your bitcoin savings, that is by design much less accessible than your bitcoin wallet. Typically, a secure vault will have multiple layers of both physical and technological security to ensure that your bitcoin private keys are inaccessible to thieves, hackers and other unauthorized individuals. The following are a few security features, (all provided by Xapo’s industry-leading secure vault service), that you should look for when selecting a bitcoin vault provider.

Deep cold storage

The single best way to protect your bitcoin savings is by storing your private keys on offline “deep cold storage” servers. These are servers that are never connected to any network (including the internet) and require an authorized individual to be physically present to process any deposit to or withdrawal from your bitcoin vault. This dramatically reduces the risk of any hacker being able to access your funds remotely.

Multi-signature authorization

Any one bitcoin server vault, no matter how secure, will always have some risk of being broken into. That’s why it’s important to select a vault provider with “multi-signature authorization” (or “multi-sig”) technology. This is an architecture in which a vault provider will set up multiple secure storage vault locations around the world, of which at least a majority must independently approve each vault withdrawal. This means that in practice, it is impossible to trigger an unauthorized withdrawal by gaining access to only a single secure vault.

Physical protection

The best cryptography and technological security features are less useful if they are able to be easily tampered with. That’s why top bitcoin vault services locate their bitcoin vault servers in highly secure, guarded facilities. For example, just one of Xapo’s multiple server vaults is located within a guarded, decommissioned Swiss military bunker, behind a nuclear blast door, encased in a reinforced concrete server suite, inside a radio wave blocking Faraday cage.

Jurisdictional security

Finally, the most secure vaults maintain multiple server locations, across multiple countries and even continents, to ensure that the regulatory actions of a single government or regulatory authority are never able to threaten the safety of your bitcoins.

A safe currency and secure store of value

Just like cash, it’s important to take appropriate precautions in how you transact with and store your bitcoins. However a few simple common sense steps and choosing the right bitcoin wallet provider can help keep your bitcoins safe and secure.