Security is often an overlooked feature when it comes to exchanges. Many investors and traders are happy to leave their funds on an exchange and it is not difficult to find a reason why. It is convenient and the fees for moving funds from wallets to exchanges and back again can be costly.
Wallet security remains one of the most important factors when choosing an exchange. No matter how good your investment decisions are, they won’t matter if you choose an insecure exchange that loses the funds. We delve into the exchanges that have the most secure wallets so that if you do decide to leave your funds on an exchange, they have the best chance of staying there.
San Francisco headquartered Kraken is the world’s largest Bitcoin exchange in Euro trading. The exchange was founded in 2011 giving it a long history of operation. Kraken has been backed by a number of significant investors including Money Partners Group, Hummingbird Ventures, Blockchain Capital, and Digital Currency Group. The exchange also deals in altcoins and a number of different fiat currencies.
Kraken takes its security seriously and has a strong wallet. All user deposits are stored in cold wallets which are offline wallets. The vast majority of the exchanges funds are stored in cold wallets. Only the amount of funds required to maintain high liquidity and operate effectively are stored in hot wallets. Hot wallets are online wallets which are less secure and more susceptible to hacking.
Kraken is one of the only exchanges which conducts a proof of reserve audit. This is an audit conducted by an independent party which supports that Kraken holds fully all of the user’s funds. This process also enables users to independently verify that Kraken holds the funds for their account.
While some exchanges focus heavily on security and charge hefty fees for it, Kraken is an exchange accessible to the everyday cryptocurrency user that applies strong security. Users can also further the security of their account by adding two-factor authentication. Kraken is an exchange which also performs well in other areas. It is highly liquid, provides a suite of professional trading tools, and has low fees. All considered together, this puts Kraken at the top of the list of exchanges with the best wallets.
BitMEX is the most popular by a significant margin when it comes to cryptocurrency derivative exchanges. The exchange is headquartered in Hong Kong and has been operating since 2014. Its flagship product is an instrument which tracks the price of Bitcoin against USD. The product alone accounts for a huge percentage of the Bitcoin trading volume and commonly accounts for over 20 to 30% of the trading volume of Bitcoin against USD.
BitMEX has applied strong security practices from the start of operations. All of the funds are stored in cold storage and multi-signature is used for all transactions. Multi-signature wallets require signatures from a number of accounts before the transaction can be processed.
At least two of the three founders of BitMEX need to sign off on every transaction. These procedures can be verified by examining the blockchain. Security sometimes comes at the tradeoff of convenience. Withdrawals from BitMEX are only processed once a day which means that those in urgent need of funds will not be able to access them in a short amount of time. Users can also enable two-factor authentication to their accounts to add an extra layer of support.
With BitMEX both being a highly popular derivatives platform and providing high levels of security, it makes it one of the top considerations for exchanges with strong wallets. The key limitation is that funds can only be withdrawn once per day but many users see this as an advantage as if there account got hacked, they would have time to respond.
OKCoin is an exchange which has been operating since 2013 and is headquartered in Hong Kong. OKCoin has been expanding into North and South America and supports a variety of fiat currencies and cryptocurrencies. OKCoin provides products in both the spot and derivative markets.
OKCoin takes the security of their wallet seriously and undergoes a complicated procedure to ensure that users funds are safe. OKCoin generates multiple private keys and the majority of funds are stored across a number of cold wallets. High levels of encryption are applied to the private keys and these are stored in bank vaults.
There is a limit to the amount that can be stored in any one cold wallet and after a transaction is made from the cold wallet, it cannot be used again. Hot wallets are used to operate the exchange and provide sufficient liquidity.
The security process gets even more complicated. To access a private key requires two people, the person to decrypt the encryption applied and also the person who can access the bank vault. Those with access to the bank do not have access to the decryption password. Only two people will be provided with access to the bank and these two people cannot travel together.
OKCoin detail a highly complicated procedure for securing users funds. There is no way for a user to verify that this process is actually implemented but it is beneficial that it is described as the company can be held accountable if it turns out that these practices are not being implemented. Two-factor authentication can also be enabled by users to add an extra layer of security.
bitFlyer is a Tokyo-based exchange which has been operating since 2014. bitFlyer provides both spot and futures products. They have a host of security practices they have detailed including strong encryption, proper programming and OS considerations, and conducting identity verification.
In terms of their Bitcoin wallet, bitFlyer propose that they keep at least 80% of users funds are kept in cold wallets. The wallets are also multi-signature and require two or more signatures to process transactions. bitFlyer have also developed their own proprietary Bitcoin daemon in an attempt to reduce the vulnerability of users funds.
A daemon is a computer process that runs in the background and is not under the control of the user. Two-factor authentication can also be enabled by users to add an extra layer of security. The wallet details provided are for Bitcoin but there is no mention of wallet practices for altcoins which may not be as secure.
Overall, bitFlyer propose strong wallet and security procedures but similarly to OKCoin, there is no way for the user to independently verify.
Coinbase is the leading cryptocurrency exchange. When assets are purchased through Coinbase, Coinbase acts as the custodian. Coinbase also offers a separate wallet service which puts the user as the custodian. The wallet is available in web-browser, Android, and iOS. The wallet was initially launched under the name Toshi but has recently changed to Coinbase Wallet.
The wallet was developed with a focus on Ethereum. It aimed to enable users to both manage their Ethereum and Ethereum-based tokens while also providing an interface to access decentralized applications (DApps). The wallet so far only supports Ethereum and assets built on top of Ethereum such as 0x Project. The wallet plans to support Bitcoin, Bitcoin Cash, and Litecoin shortly but it is a key limitation that it does not yet support these cryptocurrencies.
One of the key features of the wallet is that the private keys are secured through the user’s device. The vast majority of exchanges are in control of the private keys themselves and the users are essentially transferring the control of the cryptocurrencies to the exchange. The key benefits to this wallet are the users controlling their own private key and the ability to interact with DApps. The main drawback is the limited amount of cryptocurrencies supported. Overall, Coinbase Wallet is a good alternative but could be far improved if further support for cryptocurrencies were added.
All of the wallets above are easily accessible to the everyday user. Some exchanges also specialise in providing custody services to institutions and HNWI. Some institutions such as hedge funds are required by law to store their funds with a specialised custodian. Others do it for the extra layer of security. While these are not applicable to the everyday user, it is useful to know the big exchanges catering for the big players.
Coinbase has the previously detailed wallet solution and users can also choose to leave their funds with the Coinbase exchange. Coinbase custody is a separate service aimed at institutions. Coinbase custody secures assets by placing them in segregated cold wallet accounts. As part of the service, fund transfers will be catered for and there is regular audits and customer support available.
The assets supported for this service include Bitcoin, Bitcoin Cash, Ethereum, Litecoin, 0x Project, Ethereum Classic, Ripple, Basic Attention Token, and OmiseGo. This service is not available to non-institutional clients. Clients are mainly cryptocurrency hedge funds such as Polychain Capital and Multicoin Capital.
Gemini was founded by the Winklevoss twins and has been operating since 2015. Gemini is regulated by the New York State Department of Financial Services (NYSDFS) and is a New York State Trust Company. All USD deposits with the exchange are stored in FDIC insured bank accounts. The exchange offers two types of custody for digital assets. Depository custody which is the default for clients of Gemini mixes the funds together and secures them in a cold storage system.
The other type is a segregated custody account and is aimed at institutions such as hedge funds. Clients assets are separated into their own accounts in this service and are secured offline in Gemini’s own proprietary cold storage system. The fees for the service are 0.964% annually with a minimum of $100,000 having to be paid in fees.
itBit is another New York State Trust Company that is regulated by the NYSDFS. The company has been operating since 2012 and has both a regular exchange and an over-the-counter (OTC) trading desk. Both cryptocurrency and fiat currency deposits are fully backed as required by regulation. itBit also offers institutional custody services. Assets are segregated by client account and are stored completely in cold storage. Clients of the custody service get 24/7 support and can also verify and obtain reports on their funds at any time.