One of our employees asked me recently what the best way to secure bitcoin is. I had no idea. Do you have any advice on bitcoin security?
While there's no pressing need to rush into upgrading your payment system to accept bitcoins, it is worth monitoring its usage, particularly for a business with a big internet presence or one that sells digital products and services, such as online games or subscriptions.
Cryptocurrency is probably here to stay, and although some countries, such as China, have banned its use, many countries -- including the U.S. -- appear more relaxed about its existence. Some large organizations began accepting payment for products and services in bitcoins; however, recent fluctuations in the value of bitcoin led some companies, like Valve and Stripe, to drop support of the cryptocurrency.
Still, many companies continue to accept bitcoin and other forms of cryptocurrency. One benefit for merchants is that bitcoin transaction fees are typically lower than the 2% to 3% charged by credit card processors. A top benefit for customers paying with bitcoins is that they leave no data behind that can be used in identity theft.
How to secure bitcoin
In addition to financial benefits, there are several elements that secure bitcoin from theft. Cryptography controls the creation and transfer of a cryptocurrency, and the protocols underlying bitcoin have proven to be robust. Bitcoin's use of a distributed ledger known as blockchain gives owners a record of all their transactions that cannot be tampered with because there is no single point of failure.
However, this hasn't stopped attackers from exploiting vulnerabilities within bitcoin exchanges or wallets -- the software used for storing bitcoins on computers or smartphones. Bitcoin exchanges are not regulated by the government, and they generally do not provide enough insurance and security to be used to store money in the same way as a bank.
Not surprisingly, a study by Dell SecureWorks in 2014 showed that, as the value of a bitcoin rose, so did the number of viruses designed to steal bitcoins from wallets. That trend has continued this year; there have been several cyberattacks on exchanges and wallets as the price of bitcoin and other cryptocurrencies has skyrocketed in recent months. In addition, new threats like cryptomining malware attacks have also emerged.
Despite the increasing rate of cyberattacks, cryptocurrency wallets are still among the best ways to secure bitcoin. Ideally, wallet software should be installed on a bootable USB or a live CD to ensure that the operating system is virus free and doesn't cache, log or store wallet keys anywhere.
Users have to treat their software wallet the same way they would a real one, and best practice is to use two wallets, keeping only a small amount of bitcoins on a computer or mobile phone for everyday use, with the balance kept in a separate offline wallet. This safeguards the majority of a user's bitcoins from malware trying to intercept the password used to access a wallet or to find unencrypted wallet data in the device's RAM.
The offline wallet needs to be kept physically secure -- maybe even in a traditional bank vault -- as the loss or theft of a wallet means the permanent loss of the bitcoins it contains. A computer hard drive storing more than $4.6 million worth of bitcoins was thrown away and lost when the owner forgot it contained 7,500 bitcoins.
Offline or cold storage services are available, but note that they aren't regulated by the financial services industry. Additionally, if an offline wallet is encrypted, it is important to not forget the passphrase. Some experts prefer not to encrypt this type of wallet because, in the event of death, descendants would not be able to access their inheritance.
Keeping bitcoin secure
Regular backups of a bitcoin wallet are essential to protect against computer failure, theft and human error, but never store them online, especially if the backup is not encrypted. Finally, always use the latest version of bitcoin software, and use a password that is at least 16 characters long.
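The backup advice above can be scripted. The following is an added example, not part of the original article: it refuses a passphrase shorter than 16 characters, encrypts the wallet file with OpenSSL, and confirms the encrypted copy decrypts to the same bytes before it is moved to offline media. The function names, the WALLET_BACKUP_PASS environment variable and the OpenSSL parameters are assumptions of this example (OpenSSL 1.1.1 or later is required for -pbkdf2).

```shell
#!/bin/sh
# Added example: encrypt a wallet backup and prove it restores.
# Assumption: the passphrase is exported in WALLET_BACKUP_PASS so it never
# appears on the command line or in shell history.

MIN_PASS_LEN=16   # the article's minimum password length

sha256_of() {     # print the SHA-256 hex digest of stdin
    openssl dgst -sha256 -r | cut -d' ' -f1
}

verify_backup() { # usage: verify_backup <wallet-file> <encrypted-backup>
    # Decrypt to a pipe (no plaintext copy on disk) and compare digests.
    want=$(sha256_of < "$1")
    got=$(openssl enc -d -aes-256-cbc -pbkdf2 -iter 600000 \
        -in "$2" -pass env:WALLET_BACKUP_PASS 2>/dev/null | sha256_of)
    [ -n "$want" ] && [ "$want" = "$got" ]
}

backup_wallet() { # usage: backup_wallet <wallet-file> <encrypted-output>
    src=$1; out=$2
    if [ "${#WALLET_BACKUP_PASS}" -lt "$MIN_PASS_LEN" ]; then
        echo "refusing: passphrase shorter than $MIN_PASS_LEN characters" >&2
        return 2
    fi
    [ -r "$src" ] || { echo "cannot read $src" >&2; return 3; }
    # Subshell keeps the restrictive umask local; backup is owner-only.
    ( umask 077
      openssl enc -aes-256-cbc -pbkdf2 -iter 600000 -salt \
          -in "$src" -out "$out" -pass env:WALLET_BACKUP_PASS ) || return 4
    # A backup that cannot be restored is not a backup: check it now.
    # Note: CBC is unauthenticated, so record the digest if later tamper
    # detection matters.
    verify_backup "$src" "$out" || { rm -f "$out"; return 5; }
}

# Run as: WALLET_BACKUP_PASS=... sh backup.sh wallet.dat wallet.dat.enc
if [ "$#" -eq 2 ]; then
    backup_wallet "$1" "$2"
fi
```

Rerun verify_backup against the offline copy periodically to confirm both the media and the remembered passphrase still work.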
Although bitcoin is a purely digital currency, it can be kept secure in analog form. Paper wallets can be used to store bitcoins offline, which significantly decreases the chances of the cryptocurrency being stolen by hackers or computer viruses. Printing the contents of a wallet -- basically the private keys and their corresponding public keys -- creates a physical record which, of course, must be kept secure.
Keeping bitcoins secure is complex and time-consuming, but well worth the trouble for anyone with a reasonable amount of bitcoins. Bitcoin is more than a passing internet fad, and when dedicated hardware wallets appear on the market, they should provide a better balance between security and ease of use, possibly increasing the general acceptance and use of bitcoins and cryptocurrency for online transactions.
Ask the expert
Want to ask Michael Cobb a question about application security? Submit your questions now via email. (All questions are anonymous.)