D24 Fintech’s CTO Guide to Crypto Security: 5 Strategies
In the wake of the largest digital theft in history—an estimated $1.5 billion heist from the cryptocurrency exchange Bybit—the industry is grappling with crucial security failures. The exchange, based in Dubai, was targeted, leading to a massive extraction of funds from an Ethereum wallet. Despite this, Bybit has assured users of its liquidity and has promised refunds to all affected users, demonstrating its commitment to mitigating the damage.
Osama Bari, Chief Technology Officer at D24 Fintech Group, emphasizes the importance of robust security measures. Bari believes that exchanges adhering to these rules drastically reduce the chances of suffering a similar breach. Here are five key strategies that can improve security:
1. Implement Multi-Party Approval Systems
The Bybit breach highlighted vulnerabilities in multi-signature authorization and user interface spoofing. In the latter case, attackers changed the displayed addresses. Bari says, “Even experienced professionals might overlook such discrepancies without a thorough investigation.” To address these risks, exchanges should implement a threshold-based, multi-party system for every transaction. This means requiring multiple approvals before a transaction is authorized, making it more challenging for attackers to manipulate the system. Also, real-time monitoring systems must analyze deposits and withdrawals with automated cross-checks for unusual activity. Manual verification with a comprehensive report should be mandatory for large transactions. Each withdrawal should be subjected to a transaction audit score assessment.
2. Ensure Two-Factor Authentication (2FA)
Two-factor authentication (2FA) is essential. Bari stresses that 2FA is not a new phenomenon, but its importance in ensuring only authorized personnel can view and manage funds cannot be overstated. Implementing 2FA is a fundamental measure for verifying users and a critical deterrent for hackers. This basic protection increases the complexity of breaching secure accounts. All financial providers must protect their users, and 2FA is a good way to increase security.
3. Leverage Custodians as Third-Party Security Providers
Custodians offer secure asset storage for fellow financial institutions. Exchanges need to understand the significant responsibility that comes with managing customer assets. Turning to external organizations to bolster security is a viable, cost-effective option for exchanges that lack the necessary infrastructure or resources to manage large sums of currency. Partnering with a trusted custodian will ensure customer capital is safe, allowing exchanges to enhance the user experience.
4. Perform Liveness Checks
A liveness check is a biometric measure used to verify a user’s identity, for example, their face or fingerprint.
“For crypto exchanges and financial institutions more generally, a liveness check adds that final layer of protection to dissuade hackers from attempting an attack. Having access to passwords, secure keys, or even primary devices is no longer enough to successfully bypass security measures—customers are protected as their faces, fingerprints, and even voices are all unique.”
5. Embrace the Strengths of Centralized Exchanges (CEXs)
Centralized cryptocurrency exchanges (CEXs) are regulated intermediaries. Bari noted: “A crucial element of cryptocurrency’s appeal throughout its history has been its decentralized nature, with many early adopters drawn to this form of currency by its anonymity. However, as crypto has become increasingly mainstream and a viable investment for individuals globally, it’s important to reshape our thinking and start putting security at the top of the list of priorities.”
Due to its centralized approach, Bybit was able to freeze assets worth $42.85 million shortly after the theft through collaboration with other platforms. This showcases the increased resilience of CEXs and demonstrates that trusted partnerships can limit the damage inflicted in a hack.
