Crypto exchanges need to go all-in on security or risk becoming irrelevant 🚨 This article is 3 years old...
Crypto exchanges need to go all-in on security or risk becoming irrelevant
4 min read
Updated: Dec. 16, 2020 at 6:24 pm UTC
The security aspect of cryptocurrency exchanges remains an ongoing concern. Numerous companies take this matter too lightly or aren’t transparent about how they approach it. That situation needs to change if this industry wants to achieve mainstream adoption.
Crypto Exchanges Still Ignore Security
It is not the first time the topic of security brings more negative attention to cryptocurrency exchanges> I find it baffling how few companies openly confirm whether they invest in security measures these days. Such a lack of transparency turns away potential users. Moreover, even the existing users acknowledge that exchanges have a lot of work to do.
Back in 2018, a survey depicted how 54% of cryptocurrency exchanges have security holes. It was considered to be an overestimation of the problem. After all, everyone – including myself – assumed that businesses would learn from previous mistakes and the numerous incidents affecting the industry. Thieves took hundreds of millions of dollars through hacks and other security incidents at that point—an unacceptable situation, yet one that remains in place today.
In the same year, 40% of cryptocurrency traders confirm they are worried about platform security. It is a more significant issue to them than high trading fees or a lack of liquidity. Only 9% of respondents claim they have no problems with the exchanges available at the time.
Throughout 2020, the cryptocurrency industry has seen multiple hacks yet again. Affected companies include Cashaa, Coincheck, Uniswap, AltBit, and others. All of these projects suffered from security incidents and vulnerabilities. Why those loopholes even exist in 2020 is impossible to comprehend. Every piece of written code needs to be audited by multiple parties before making it accessible to the masses.
Sophisticated Attacks Become More Prevalent
One aspect to keep in mind is how exchanges have to beef up their security significantly. It is pertinent to learn lessons from the past and prepare for what the future may hold. Contrary to what some companies in this space may think, hackers will develop new ways to disrupt services and steal funds.
This problem is not new, either. Every new cryptocurrency exchange hack that takes place seems to raise the bar among cybercriminals. Rather than going after the exchange’s infrastructure itself, they are targeting individual users as well. Protecting the code of the platform’s backend itself will not be sufficient. Every company has the responsibility to keep its users safe from harm.
Tackling this latter aspect is often overlooked by exchanges, in my opinion. We live in 2020, yet many companies still allow users to set up two-factor authentication via email or SMS. Both of these methods are insecure and outdated. Enforcing authentication through Google Authenticator, YubiKey, or other solutions needs to become an industry-standard sooner rather than later.
Any exchange not willing to protect its users – budgetary reasons or not caring – cannot be trusted. These companies do not deserve to hold funds on behalf of their users. Now is the time to step up overall security and be completely transparent about these proceedings.
Transparency and Security are Mandatory
As this new decade progresses, security concerns will only become more outspoken. Carrying out day-to-day operations in a secure manner is no easy feat. Cryptocurrency is no longer a “Wild West” as far as regulation and compliance are concerned. Even if domestic governments aren’t imposing rules, I feel that individual users need to rise and demand better protection.
To many exchange operators, the concept of obtaining a business license seems foreign. Most of them don’t see the benefit of this approach and try to avoid getting it as long as possible. Delaying the inevitable will not only make the company look less trustworthy, but it also puts users’ funds at stake—an unacceptable outcome across the board.
Simultaneously, more and more regions actively force exchanges to get a license or pack up their business altogether. Japan and other Asian countries are vital examples of that mindset. As long as a company registers with the right instances and obtains a license, they can operate without any restrictions. Everyone else is unable to tap into these significant markets.
Respect Needs to be Earned
Any self-respecting exchange needs to prioritize obtaining the necessary licenses. Moreover, these companies need to be open and transparent about their current status. MXC Exchange sets the tone, as the company openly acknowledges which licenses it has in different jurisdictions.
This stems forth from the company’s focus on compliance, both domestically and globally. The company has licenses across Estonia, the US, Australia, Canada, and Switzerland. As the exchange now ventures into other markets, it will meet the regulatory requirements in these regions.
Furthermore, MXC Global does a lot of other things right on the security front. Looking beyond the licenses, the company works with five security companies, including KnownSec, Palmin Technology, and Chains Guard. It is this approach that ensures the exchange maintains its record of zero coin loss to date. All of its internal code undergoes regular audits to ensure no unforeseen security weaknesses show up.
Closing Thoughts
It is painfully apparent that very little has changed between 2018 and 2020. Traders still have to worry about the security and compliance aspects of their favorite exchanges. It is a situation that should have been put to bed years ago, yet that is not the case. The ongoing lack of transparency by exchanges is not helping matters either.
That said, there are beacons of light, such as MXC Exchange, displaying how professionals approach these matters. Furthermore, any exchange that aims to cater to a larger market – such as selling shares of the company to investors – needs to take security and compliance a lot more seriously. Doing so takes time and costs a lot of resources, but it will all be worth it. If protecting user funds is not a top priority, it is better not to operate an exchange or trading platform at all.
Posted In: Exchanges, Guest Post
