How to keep Crypto Exchange secure? Part 2/2
Nowadays, large amounts of money pass through exchanges. That’s why it’s important to think about each of these categories individually and establish clear policies to ensure an adequate level of security.
In the previous part, we discussed the first half of the issues regarding safety of crypto currency exchanges. We hope you were able to relate them to your experience. If not, then don’t forget to read How to keep your Crypto Exchange secure? Part 1/2 in which we cover the first 10 categories from the list.
The way to secure crypto exchange.
In this part we will present the remaining 9 categories. These include not only Coin listing research, Exchange availability or Mobile security, but also Continuous security and Security education. What’s more, in cooperation with Coinerro, categories such as Insurance Protection, Transparency, Incident history or Regulation are also covered.
Here is the recall of the complete list (including those discussed earlier):
- Authentication
- Session handling
- Access control
- KYC Security
- Wallet security
- Deposits & withdrawals
- FIAT payment integration
- Currency operations & transfers
- Sensitive operation limitation & authorization
- TLS Security
- Exchange availability
- Cryptocurrency listing research
- Mobile security
- Insurance Protection
- Transparency
- Incident history
- Regulation
- Security education
- Continuous security
*Note:
In a broader context – since crypto exchanges are the resultant of already existing financial systems, we should consider good practices developed over the years, e.g. by banks or traditional stock exchanges. Many of the security aspects discussed in this article may be used in other financial applications incl. all mobile, web, and thick clients.
Let’s focus on the aspects that still need to be discussed:
11. Exchange availability
The availability of cryptocurrency exchange is one of the most important aspects of business, especially with such large and rapid fluctuations. Users need unhindered access to services at any time, without any obstacles. Each incident causing a technical break can generate large financial losses and decrease trust which is so hard to restore.
To reduce the probability of service unavailability:
- Avoid single points of failure, take care of redundancy in your network environment.
- Remember about regular backups, keep them isolated in a safe place.
- Monitor incoming traffic and eliminate threats caused by suspicious users.
- Check how you handle extreme values, scientific notation etc.
Possible consequences of neglecting this category:
- Unavailability of cryptocurrency exchange causing image loss.
- Client’s funds lost due to old orders on markets.
12. Cryptocurrency listing research
Cryptocurrencies listed on the exchange can introduce potential threats. The exchange history knows cases of attacks on cryptocurrencies (e.g. an exploitation of the vulnerability in cryptocurrency smart contract) that required immediate reaction and close cooperation between cryptocurrency developers and exchanges – not to mention the famous Twitter attack.
Additionally, the currencies can include little-known functions that may directly affect the exchange liquidity and funds. One can think of a locked deposit of Monero. The client sends an XMR to the exchange address as a deposit but the exchange cannot transfer this amount for years. Would you book this XMR on your customer’s account?
That is why it is especially important to:
- Carry out research of potential cryptocurrencies to be listed on the exchange to detect its little-known but dangerous functions and potential threats.
- Consider the possibility of potential double spend attacks from small projects using Proof of Work.
Possible consequences of neglecting this category:
- Cryptocurrency exchange liquidity disruption.
- Loss of exchange funds due to uncommon cryptocurrency functionalities (e.g. frozen transfers).
- Loss of funds and credibility due to a specific cryptocurrency attack such as 51% attacks on PoW cryptocurrencies.
13. Mobile security
If, in addition to a web application, you provide a mobile application, you should ensure that it is also secure. Sometimes mobile applications store sensitive data in an unsafe manner or allow pulling data by other applications on the phone.
To increase security of your mobile application:
- Notify users if they are using the app on a rooted phone.
- Obfuscate application source code.
- Don’t store sensitive data in the application source code.
- Read our Mobile Security Guide to fully cover potential threats.
Possible consequences of neglecting this category:
- Leakage of sensitive data hardcoded in the application.
- Various threats related to attacks on mobile devices.
14. Insurance Protection
To reduce liability and reputation risk, customers’ hot wallet deposits should be insured externally or with a set aside internal fund. In the past exchanges went bankrupt due to inability to cover customer losses after hacks.
To protect yourself against this risk you need to:
- Buy an insurance policy or set aside a growing internal fund to remove liability for potential losses of customer funds.
- The insurance policy or safety fund should be transparent. In case of the policy, the underwriter should be known.
- In case of an internal fund, its address should be publicly known, so that customers can verify the fund’s existence.
Possible consequences of neglecting this category:
- Bankruptcy risk after hacking incidents.
- Lower credibility due to lack of collateral for clients funds.
15. Transparency
The crypto market is strongly based on trust and reputation. A key aspect of this is the exchange transparency and its relationships with other companies. The high number and emotional nature of retail crypto investors mean that it is important to operate in a setup, which does not shed doubt on the exchange’s credibility.
To gain and sustain transparency you need to:
- Establish self-evident and market-standard relationships with close business partners or affiliated companies.
- Build a good relationship with the relevant regulatory bodies in the country of incorporation. The country can be changed, but the local relationship should be good enough to avoid any litigation.
- In case of security breaches, be open about the incident and compensate customers in full.
- Hire a reputable management team and make it public.
Possible consequences of neglecting this category:
- Customer churn due to integrity questions.
- Permanent reputation risk.
- Financial risk due to possible association with disreputable partners.
16. Incident history
Most exchanges and cryptocurrencies have suffered from some sort of security breach at some point. A history of such incidents and the way they were dealt with, has considerable influence on the reputation of an exchange.
To improve the reputational effect of your incident history you need to:
- Implement the cybersecurity policies and processes mentioned in the previous points to reduce incident risk.
- It is advisable to establish a known communication time (e.g. every 2 hours) during the incident and inform the public about the steps taken.
- If customer funds are stolen during an incident, reimburse all the victims with cash.
- Be open about the cause of the incident and measures taken to correct the vulnerability.
- Have a public list of security incidents with the appropriate detail level.
- Cooperate with law enforcement in tracking down the perpetrators and their funds. Sometimes such criminals are apprehended after many years, when they start moving the stolen funds.
Possible consequences of neglecting this category:
- Loss of customer trust
- Panic among clients
- Reputational losses
- Lawsuits filed by clients
17. Regulation
National financial regulators are paying more and more attention to cryptocurrency markets. One after another various countries are introducing cryptocurrency regulation and taxation. While this is a burden compared to earlier times, it can be used as an advantage and a competitive benefit compared to unregulated exchanges.
Recommended steps in this regard:
- Establish a clear regulation strategy with different scenarios. Staying unregulated is a valid option, however possible market restrictions must be taken into account (i.e. ban on doing business with users from country x) and gradually more expansive regulation approach
- Avoid conflict with the regulator, as litigation may drive off customers and partners
- Identify a possible backup location for your exchange, if the current regulator starts submitting unreasonable demands
- To enable easier fulfilment of regulatory requirements consider setting up various entities to do business in various countries
Possible consequences of neglecting this category:
- Inability to do business in some countries
- Suspicion of money laundering and criminal activity
- Lack of trust from clients
18. Security education
Cryptocurrencies attract more and more interest not only from users but also from cyber criminals. Despite the technical security of cryptocurrency exchange, users can always turn out to be a weak link, because we are all human driven by emotions. There are many phishing campaigns and scams related to individual tokens, that is why continuous security awareness education is so important.
Implement the following ideas to increase security awareness among users:
- Notify users about currently running hacker campaigns that may affect them.
- Educate users by explaining attack vectors and available security mechanisms (phishing, 2FA, password reuse, password managers).
Possible consequences of neglecting this category:
- Users vulnerable to frauds due to attacks such as phishing.
- Lowered level of exchange security due to lack of security awareness among clients.
19. Continuous security
Last, but not least – verify. In theory, everything may look good, but it is crucial to confront it with reality. It is not always possible to predict everything, but it’s important that users feel that they are in good hands.
Check the security of your cryptocurrency exchange by a specialist from an external organization:
- Prevent the emergence of vulnerabilities by introducing threat modeling sessions.
- Educate employees through training, constantly raise their security awareness.
- Carry out regular security tests by a professional company experienced in your industry.
- Consider participating in the bug bounty programs.
- Specify how researchers can contact the security department when vulnerabilities or active attacks are detected.
- Monitor and detect security incidents, do not let the reported bug remain unhandled.
- Be transparent in case of security issues and provide reliable information and guidance to users.
Possible consequences of neglecting this category:
Serious vulnerabilities that have not been detected and mitigated.
- High costs of patching the security bugs on the production environment and handling security incidents.
- High susceptibility to phishing attacks.
- Reduced credibility in the eyes of customers.
What to do next?
Nowadays, large amounts of money pass through exchanges. There’s a lot of confusion due to dynamic development of blockchain-based projects. As in all aspects, there are also criminals using this confusion to commit crimes and steal assets from clients.
That’s why it’s important to think about each of these categories individually and establish clear policies. Threat modeling and realizing how an attacker can attack is one of the basic activities that should be undertaken.
I hope this list will help you make more aware decisions in the context of cryptocurrency exchange security. Don’t hesitate to contact us, if you have any questions or want to make your exchange more secure.
Last, but not least I would like to thank my colleague Damian Rusinek – for his support, as well as Marcin Kolago from Coinerro for invaluable help in working on the article, especially in terms of regulations or insurance protection.
Hackflix Product Lead