Tl;dr: With over 52 million Americans owning crypto, mobile wallet security is crucial. Threats that include network spoofing, malware, and phishing make it essential to use robust security measures. Coinbase recommends several key tools for safeguarding mobile crypto wallets: Two-factor and biometric authentication, security keys, and VPNs. Staying cautious on public Wi-Fi and doing regular wallet recovery phrase backups with encryption are also critical. As crypto activity and security risks rise, keeping devices and software up to date ensures your assets remain protected.
This post is part of a weekly Tuesday series at Coinbase about the latest consumer protection and security measures for crypto owners.
At Coinbase, we’re working hard to help update the financial system, and make it more safe and secure. While only 0.34% of blockchain transactions are used for illicit activity, and cash remains the preferred medium for illicit transactions, crypto security is always a top priority. Coinbase maintains a robust compliance program, which includes Know Your Customer (KYC) checks, sanctions screenings, suspicious activity reporting, and strong law enforcement partnerships to detect and prevent illicit activity on our platform.
Mobile security in the fast-moving world of cryptocurrency is our strongest anchor.
With more than 50 million crypto owners in the U.S. using their mobile devices to buy, trade, and store assets, staying on top of the latest security tools is paramount. A stolen or lost smartphone or tablet without the right security measures can lead to irreversible losses.
When it comes to digital protection, accessing a mobile wallet is very similar to logging into a mobile bank account or buying and selling stocks on a mobile device. Even when our smartphones and other devices are safely in our own hands we always need to be vigilant.
Our mobile devices are prone to a rising number of threats that include network spoofing, spyware, malware, and phishing attacks. The need for swift and seamless security is steadily increasing as today’s crypto owners navigate a growing assortment of digital wallets.
Among the latest mobile security threats are “overlay attacks,” which target crypto wallet owners and other financial account holders—with Android mobile users being among the most vulnerable. These attacks involve hackers installing fake interfaces on user devices to phish vital information, including usernames and passwords, which are then inputted into the actual interface on the hackers’ behalf.
The upside is that there are many proven security tools that can be used with Coinbase Exchange and Coinbase Wallet—the safest platforms to buy, trade, and store crypto on. These tools include the use of two-factor (2FA) and biometric authentication, security keys, and virtual private networks (VPN), as well as frequent wallet recovery phrase backups and careful mobile usage in public Wi-Fi networks. It’s also important to ensure that our mobile devices are always up to date with the latest operating systems and software to help minimize security breaches.
With that in mind, these are five of the best ways to secure your crypto on one or more mobile devices.
1. Adding Authentication: There are multiple ways to secure wallet access through 2FA, including SMS (text messages) and authenticator applications. Three trusted authenticator apps that can be used with Coinbase and Coinbase Wallet are Google Authenticator, Microsoft Authenticator, and Duo Mobile. Mobile users can also utilize Coinbase Security Prompt—a verification method that delivers push notifications from an active mobile session to approve or deny a login attempt from another device. This provides an added layer of protection. One of the surest ways to secure our assets, of course, is to use our own voices and fingertips. Biometric authentication is a highly trusted security measure also used by many of the largest financial corporations around the world.
2. Using Security Keys: These physical hardware authentication devices generate a one-time-password that allows access to a mobile wallet only when the security key is inserted. Security keys offer more protection than other 2FA methods because the credentials don’t need to be stored on a networked device. Coinbase supports Universal 2nd Factor (U2F) security keys from a range of vendors.
3. Employing Virtual Private Networks: VPNs protect mobile users by encrypting their data and hiding their IP addresses from potential hackers. This allows for greater privacy and security by masking a user’s identity, location, and browsing activity. Crypto owners who want to ensure that their digital assets cannot be seen by others can use a VPN to shield their wallets.
4. Being Mindful of Public Wi-Fi: Public Wi-Fi is a major convenience for those of us who are always on the go. It can also be a significant security risk due to large and often immeasurable user groups which can include bad actors. For those who access their wallets on Public Wi-Fi, using added protection to mask important information, such as one’s IP address, plays a pivotal role.
5. Doing Frequent Recovery Phrase Backups: In the case that a mobile device is lost or stolen, having a wallet recovery phrase backup is essential. These backups can be encrypted and protected with the use of a 12-word recovery phrase, also known as a seed phrase, that only the account owner knows. It’s important to keep these keywords written down in a safe physical location and never viewable on the mobile device. Coinbase created an encrypted Google Drive and iCloud feature as an added safeguard to help with recovery phrase backups. These backups can also be done manually.
At a time when crypto activity is reaching new heights, following these important mobile security measures keeps us all safer on the blockchain.