In January, a hacker stole $750,000 worth of Bitcoins by targeting a weak point of Electrum wallet. In 2018, flaws of ledgers of a HW wallet that attracted $75 million worth of B round investment were leaked.
Although global cryptocurrency exchanges are introducing electronic wallets as part of their plans to tighten up their securities, number of incidents involving security vulnerability has actually gone up rapidly. It was confirmed that amount of loss due to safety issues of electronic wallets was about $1.2 billion in 2018.
According to a cryptocurrency research company called TokenInsight and relevant industries, incidents involving security vulnerabilities of both hardware (HW) and software (SW) wallets are taking places one after the other.
Although number of incidents involving security issues is on a rise, cryptocurrency exchanges are continuing to introduce new electronic wallets. There were 340 cryptocurrency wallets at the end of December of last year and this number is 30% greater than the number of cryptocurrency wallets in 2017. HW wallets have shown security vulnerabilities in remote transaction hacking and supply chain security. SW wallets have shown security vulnerabilities in phishing page and personal key.
“Although the biggest flaw of cryptocurrency wallets is their technical flaws, cryptocurrency exchange industry has yet to prepare any effective solution.” said a representative for TokenInsight.
Amount of damage that occurred from hacking on electronic wallets is already 1.4 times greater than the amount of damage that occurred from bugs within cryptocurrency exchanges.
Cryptocurrency wallet can be categorized as a HW wallet or a SW wallet depending on its type. A HW wallet is an actual device that has an encrypted chip and it stores a personal key inside of safe area of the device. Aside for storage of a personal key and an ability to perform transactions, it provides services such as PIN authentication, seed restoration, and confirmation of a transaction. HW wallets are responsible for 24% of entire electronic wallets. A SW wallet can be divided into a PC SW wallet and a mobile SW wallet. It was confirmed that there are more security vulnerabilities of both types of SW wallets than that of HW wallet. Mobile SW wallet is a primary target of hackers as it has low level of security.
According to statistics, number of users of cryptocurrency wallets globally in 2018 was 31.91 million people and it increased by 48.3% compared to that of 2017.
Relevant industries are asking for stricter security inspection and application of multiple signatures system to every electronic wallet as electronic wallets are the main method for cryptocurrency transactions.
“While single signature system has one person possess his or her key, multiple signatures system has many people co-manage digital assets.” said a CISO (Chief Information Security Officer) of a cryptocurrency exchange. “Even top cryptocurrency wallets that were ranked top 10 in 2018 have yet to adopt multiple signatures system.”
Multiple signatures system requires personal keys of certain number of people during cryptocurrency transactions and it drastically improves stability of transactions of digital assets. Besides multiple signature system, experts are also asking for electronic wallets that support decentralized service when personal keys are stored.
“There is a need to tighten up security inspection and security requirements of electronic wallets as there has been many security incidents involving electronic wallets that are receiving spotlight as a security measure.” said a representative for a cryptocurrency exchange. “We need to actively push for decentralized storage service of digital assets.”
Staff Reporter Gil, Jaeshik | osolgil@etnews.com