What to look for in picking a safe and secure crypto exchange to trade?

Image by: Temple Cerulean at https://unsplash.com/photos/tP8ZwlCF8og

Security

Having secure digital asset exchanges, be it centralized or decentralized, should be one of the main priorities to be able to move forward and grow the cryptocurrency industry to a mature new asset class. The current cryptocurrency interfaces often seem too difficult for the crypto novice that is just starting out. Rookie mistakes can lead to a lot of people giving up on crypto altogether. Users’ funds might get lost when they transfer BTC into a BCH wallet, or they will be handing over their private key’s instead of their public key’s.

Exchange hacks and lost funds

Because of the substantial amounts of money that are in the wallets of digital asset exchanges worldwide, they are a likely target for malicious actors. Over the course of the last decade some high-profile exchange hacks have taken place. To keep the length of this article within sustainable reach I will suffice with addressing the biggest hacks to date.

➡️ The biggest hack in terms of cryptocurrency being stolen was the Mt. Gox hack back in 2014. Mt. Gox lost approximately 850,000 BTC (worth 450 million USD at that time) to scammers that hacked their system. The group that initiated the hack got caught and the majority of Bitcoins were retrieved. A special trustee has been assigned to pay off Mt. Gox’s debt and look for a way to refund the account holders, without crushing the cryptocurrency market considering the large amount of Bitcoin there still is to process.

➡️ Bitfinex lost 73 million in funds in August 2016 when hackers got their hands on users’ segregated wallets. Bitfinex is one of the exchanges that managed to overcome this hack and is still in operation today as one of the biggest exchanges in terms of daily volume.

➡️ Japanese asset exchange CoinCheck made headlines at the beginning of this year after it lost 500 million USD in assets. CoinCheck will compensate users that fell victim to this hack. CoinCheck is still in business and they are working to fully reimburse their users.

Notable mentions: One of the biggest mining pools in the world, NiceHash, got hacked in December 2017 and lost 60 million USD in the event. They came up with a plan to pay back their users that lost funds in the event. In March 2017, Poloniex suffered a security breach in which hackers managed to steal 97 BTC worth of tokens. Poloniex did manage to reimburse customers that were affected by the hack.

Image by: The DigitalArtist on https://pixabay.com/en/hacker-cyber-crime-security-1952027/

Looking for a safe and secure cryptocurrency exchange

When you are looking for a safe exchange to trade, it can help to check out the following things:

➡️ How many users trade on the exchange, because a large number of actual traders might suggest it is a relatively safe exchange, in other words look for a top-volume exchange to trade

➡️ Do not leave funds on an exchange if you are not planning to trade them. Funds on an exchange are often not in a safe cold wallet but in an exchange hot wallet which is much more vulnerable to security breaches. If you can, invest in a hardware wallet, like a Ledger or Tresor wallet.

➡️ For your account safety always take the appropriate actions available to keep your account safe, like use a unique password for each exchange account, enable 2FA protection and make sure you deposit the right token in the right wallet.

Red flags

➡️ Do not trade on an unknown exchange, because it is the only exchange that offers the trading of a certain token. Inexperienced digital exchange BitGrail lost 195,000,000 USD in NANA tokens in February 2018, due to its own unsuccessful coin storage, the wallet was compromised and thieves stole 17,000,000 NANO.

➡️ Another unproven centralized exchange with an anonymous team, called Coinsmarkets exit-scammed at the beginning of this year, taking off with users’ funds that accounted for millions of dollars in various cryptocurrencies. I would look for an exchange that has a public record of their team members. They might be listed on the exchange’s website or you might find them on LinkedIn.

Huobi Global’s views on best security practices

Recently Huobi’s Head of Marketing Ethan Ng, suggested a new set of industry standards for digital asset exchanges to focus on in terms of security for their users and for their digital asset exchange Huobi Global. He announced these suggestions at the Vietnam Cryptocurrencies and Digital Asset Dialogue 2018.

Ethan Ng proposed industry professionals to come together and tackle some of the security issues together. Some of his suggestions include: Exchanges should set aside a fund to reimburse users after funds get stolen; Exchange funds should be stored more often in cold wallet, because they are more secure than hot wallets; Increase the internal controls and take a good look at projects before deciding to list them; Increase user safety by implementing mandatory 2FA verification; Install a robust cybersecurity team that is trained in Bitcoin protocol and will instantly notice double spend attacks (51% attacks) and transaction malleability.

Now let’s address some of the features Huobi Global has implemented in terms of safety and security:
➡️ Huobi stores 98% of user account balances in cold wallets instead of leaving them in more vulnerable and less-secure hot wallets.
➡️ Huobi uses its SMARTChain evaluation model to analyze new projects before listing them on the exchange. This way the legit projects get separated from the fraudulent ones.
➡️ If something does go wrong, Huobi has started a User Protection Fund that will reimburse users in the event of a security breach in which funds were lost. Every three months, Huobi will buy back 20% of its Huobi Tokens based on its earned revenue. The fund already has over 48 million Huobi Tokens (HT) in it, which is the equivalent of around 83 million USD. A second fund initiated to be activated in case of an emergency is the Huobi Security Reserve Fund which has a value of 20,000 BTC (125 million USD).

Huobi used to have two digital asset exchanges, Huobi Global and community focused trading platform HADAX 2.0, which is now integrated into Huobi Global as Huobi Next. If you do not have an account yet, you can register here or on the Huobi Global website.

My personal opinion

Starting out with trading cryptocurrencies almost two years ago, I traded mostly on Poloniex, because it was the most popular exchange at the time and it had the highest daily trading volume. Over time there were different shifts were most people changed exchanges after witnessing odd behavior. A few reasons I switched from Poloniex to Bittrex were: the limited daily withdrawal amount, the ultra-slow customer support and the inability to launch new highly profitable projects. Six months after I had left Poloniex as my go-to trading exchange, they finally processed my support ticket and my coins were returned to me. Poloniex let a lot of their long-term customers down with their inadequate customer support. It is inexcusable to hijack someone’s funds for a long period of time without informing them about what’s going on. The same stories circulate about other exchanges, like CoinBase and Bittrex freezing account for no apparent reason.

In hindsight, I have been very lucky to dodge some scam bullets. Especially people that are just starting out are extra vulnerable to being scammed because it is hard to get the hang of things, like installing a wallet, transferring funds and entering trades on an exchange. I feel the cryptocurrency industry can really benefit by having easy to use platforms that value safety and provide good and fast customer service. But the most import thing is that users feel safe and that their funds are safu.

➡️ Full disclosure: This article is not intended as investment advice. It is just my personal opinion about digital asset exchanges and their safety mechanisms. You should always do your own research. Huobi Global rewards me for writing this article and supports me for ventilating my own personal opinion.

Subscribe to my channels Steemit, Medium and Twitter if you like my articles and would like to be informed about Blockchain, cryptocurrency projects and news. You can also read my articles on LinkedIn.

If you have any questions about this article, please comment in the comment section below. Thank you!

LindaCrypto

Blockchain and cryptocurrency content creator. Writing for | Hacker Noon | The Startup | Good Audience | Blockdelta 📧: lindacrypto@ziggo.nl