In this guide, we’ll delve into the finer details about the online cryptocurrency broker Coinbase and explain whether or not Coinbase is a safe crypto exchange platform to use. We will overview the security measures that Coinbase has put in place to deter hackers and safeguard the platform. In addition, you will learn about the company’s hack history, credibility, commercial sponsorships, uplisting on the NASDAQ, and the effect of institutional crypto purchases facilitated by this platform.
Coinbase is a cryptocurrency broker and a trading platform where you can buy and trade Bitcoin and other cryptocurrencies. Since its launch in San Francisco, California, in 2012, Coinbase has grown substantially to be considered one of the industry’s biggest crypto-broker exchanges.
After its incorporation, the broker experienced exponential growth, employing over 1,700 employees, serving 100 countries, and generating over $1.8 billion in the first quarter of this year alone, surpassing the total revenue of $1.3 billion in 2020.
Coinbase core products
Coinbase has three core products:
- Coinbase crypto brokerage services for retail customers;
- Coinbase Pro a professional trading platform;
- Coinbase Prime for institutions.
Renowned for its consumer-facing products, Coinbase’s easy-to-use consumer platform interface enables users to buy and sell crypto on the brokerage.
Coinbase Pro provides tools only reserved to traders, including charting software with trading indicators, a real-time updated order book, and margin trading with up to 3x leverage.
Since institutions have different needs to retail investors, Coinbase has launched the beta version to accommodate the ever-growing demand from clientele as more people enter the crypto space. The U.S. company designed Coinbase Prime with fund managers, hedge funds, endowments, and sovereign wealth funds in mind as they require access to deep liquidity pools.
Since Coinbase has various products available to offer, such as wallets, e-commerce solutions, custody, cryptocurrency staking, and vault, to mention a few, be sure to read our in-depth Coinbase review 2021 to learn more about the platform. Also, check our in-depth Coinbase fees guide to consider the fees charged when using Coinbase’s most popular products.
Nowadays, various exchanges are available in the cryptocurrency market, which can differ in fee structure, security, and ease of use. However, Coinbase stands out as one of the most high-profile, trusted platforms on the market when accounting for all of these factors.
And while Coinbase may be well-known, especially in the United States, its brand awareness has grown further afield. Coinbase has over 40 licenses to operate in just the U.S. alone and is licensed to work in another 31 countries that make its list legally.
Coinbase is a highly credible, well-insured, and straightforward-to-use interface. Under the pilot BitLicense program, Coinbase is one of only four exchanges to have a license in the state of New York. Thus, it adheres to strict KYC (Know Your Customer) rules and stays compliant with regulations and statutes.
In 2019 Coinbase rolled out Coinbase Custody, which stores cryptocurrency assets completely offline in cold storage wallets. Moreover, Coinbase keeps its assets insured, so technically you cannot lose any of your money through hacking or theft.
Due to the security strength of the digital asset broker, attackers have opted to get around the system by attempting to steal cryptocurrency through elaborate phishing attempts using social media and other methods.
For instance, Coinbase was able to halt $280,000 in Bitcoin transactions when hackers overtook several high-profile Twitter accounts and solicited funds from unsuspecting followers. Outside of these attempts, Coinbase has been a secure exchange.
Multi-factor authentication hack [October 2021]
However, on October 1, 2021, hackers were able to access and steal cryptocurrency from approximately 6,000 Coinbase users by using a multi-factor authentication vulnerability, according to a breach notification letter sent by the cryptocurrency exchange to affected customers. A large-scale phishing effort targeted customers of Coinbase between March and May 20, 2021.
Some individuals may have opened the fraudulent emails, revealing their usernames and passwords. Additionally, a vulnerability in the exchange’s system compromised users with multi-factor authentication even when enabled.
Coinbase claimed the malicious actors used a flaw in its SMS Account Recovery procedure [PDF] to exploit the vulnerability. Meanwhile, the hackers could get the two-factor token meant to be sent to the account owner’s phone.
Note: The exchange stated in a message to its clients that it immediately fixed its SMS Account Recovery procedures and that everyone who had lost cryptocurrency as a result of the incident would be reimbursed.
Key security measures
Given KYC rules, users must submit a government-issued I.D. and, in some cases, address verification to use the platform’s BUY and SELL features.
The fact that you cannot use the platform anonymously adds additional safety. It legitimizes its use for honest customers while deterring dishonest users away from the exchange.
However, despite the verification process being one of the features that make Coinbase safe to use, the lack of anonymity can be an issue for some, as Coinbase is obligated to report its users’ information to the governing bodies that regulate it.
Rigid KYC policies allow transactions to be monitored and prevent anonymity. However, there are limits put in place on how much you can spend or withdraw, which may be considered a positive for some users.
One of the biggest complaints customers have with Coinbase is the onboarding process, which can be lengthy and arduous. However, additional verification steps reinforce their aim of having legitimate, genuine users.
Utilization of cold storage for security enhancement
While it is never 100% safe to keep your money on any online exchange, Coinbase has one of the safest web wallets you can use since it holds 98% of its assets in offline cold storage that cybercriminals cannot access.
Now not only are client crypto assets stored offline in the cold wallets, but the platform also takes the extra preventative measure to spread such wallets globally.
Only 2% of assets on the platform are available online in the hot wallet system, and Coinbase has those insured for any losses. That way, if a hacker ever stole your money from Coinbase, it would be reimbursed.
Whatsmore, Coinbase has covered its customers’ deposits up to $250,000 per account through FDIC insurance. However, this coverage only applies to U.S. customers holding U.S. Dollar deposits. Furthermore, crucially the insurance does not cover crypto assets.
Coinbase wallet’s security
Each customer’s Coinbase wallet, wallet addresses, and private keys feature encryption.
Coinbase’s policy with data management means that all personally identifiable information (PII) and other sensitive account information the digital brokerage keeps offline.
By the same token, personal data is encrypted under AES-256 encryption and split into multiple copies held in FIPS-140 USB drives and paper backups for redundancy. These copies remain in various secure locations.
The Delaware-based firm uses more encryption on its website, and mobile apps and hashes account passwords using bcrypt before storage to ensure safe purchases.
Additional security features
To that end, Coinbase has cold wallet storage, USD funds insured, customer information, customer wallets, website, mobile application, wallet addresses, and private keys all encrypted.
Coinbase has internally implemented several additional security precautions to ensure that its systems are safe if this was not sufficient. The preventive measures are as follows:
- Employee devices use unique passwords and two-factor authentication (2FA);
- Employees have to pass a criminal record test;
- Employees must encrypt workstation hard drives, and access to them is only possible through solid passwords.
Additionally, customers are all encouraged to utilize 2FA. There are three types of 2FA available to account users:
- Phone/SMS – the least secure method, but better than single-factor authentication. A one-time passcode is sent to the users’ phone every time they log into their account;
- TOTP authenticator, such as Google or DUO, provides random codes that are time-sensitive to be used during login;
- Hardware keys are physical token devices similar to flash drives that provide additional authentication when logging in. Popular Hardware keys include Trezor and Ledger.
Popular cryptocurrency hardware wallet manufacturer Ledger, specializing in multi-currency wallets used to store private keys for cryptocurrencies offline, has seen a recent attack on its server, revealing sensitive customer data to hackers on the internet.
The attack demonstrates that although funds can be kept in cold storage, your personally identifiable information, which could potentially put your assets at risk, can still be obtained outside the realms of an exchange.
For this reason, all users receive the same advice never to outsource their assets’ security and remain vigilant with their investments from Coinbase.
Coinbase is a publicly traded company (NASDAQ: COIN)
Coinbase became the first U.S.-based cryptocurrency exchange to go public on April 14, 2021. Trading under the symbol COIN, shares of Coinbase opened at $381, with a company valuation of almost $100 billion. As a result, when Coinbase released its first-quarter results on May 13, 2021, they were roughly in line with projections.
Moreover, Coinbase’s recent uplisting onto the NASDAQ has provided certain benefits to the platform. Companies that aim to join stock exchanges, such as NASDAQ or NYSE, must meet specific financial reporting, effective corporate management, and regulatory requirements.
Upon becoming part of the key stock exchanges, enterprises can enjoy enhanced visibility, increased transparency, and trust amongst the traders. Therefore, the listing for Coinbase has given further credibility to cursory glance that only sees negative news associated with the technology.
However, many people are still skeptical about cryptocurrencies and Bitcoin, often associating the space with scams, money laundering, and other illicit activities.
Coinbase has become a shirt sponsor for the Esports team, Evil Geniuses, to get exposure in another rapidly growing industry in recent months. But more importantly, newfound commercial links with well-respected businesses such as PayPal, Google, and Apple are set to benefit Coinbase as partnerships with these establishments will help the company bring more credibility to its brand awareness.
Customers in the U.S. can now use the company’s branded debit card in Google and Apple wallet applications for payments. Card-carrying members can add the Coinbase Card to digital wallets via Google Pay, the Apple Wallet, or the Coinbase apps.
The Delaware-based digital brokerage states it will automatically convert the digital currencies to U.S. dollars and transfer the funds to the user’s Coinbase Card for everyday purchases, such as grocery store shopping and ATM withdrawals. So on that account, Coinbase is normalizing itself in the daily life of the consumer.
Institutional crypto purchases
The U.S.- based crypto exchange has been aiding corporate America to invest in Bitcoin.
Coinbase facilitated institutional crypto purchases for companies such as Tesla and MicroStrategy. In addition, the more well-known deep-pocketed corporate clientele are beginning to use the platform’s institutional trading arm.
Furthermore, the platform now has more than five Fortune 500 firms as clients. This illustrates that known companies trust Coinbase with their money, and more substantial investments are predicted to come.
At present, Coinbase has 7,000 institutional investors using the company’s platform.
Trusted and well known for its strict token onboarding policies; hence, Coinbase only crypto projects that pertain to the incorporation policies and requirements can expect to feature on the platform.
Coinbase institutional’s introduction of Coinbase Prime strives to offer the highest quality services for those investors who want to engage in the digital assets sector.
Technological breakthroughs the platform expects to offer include:
- Advanced trading capabilities;
- Data analytics;
- Crypto transfers between cold storage and trading balance;
- Algorithms that minimize market slippage.
To recapitulate, a vast user base of 43 million has put their faith and trust in a platform that has been tirelessly deploying tools to make their platform more inviting to institutions and retail investors. Thus far, the U.S. based company has sustained these high standards by:
- Safeguarding cybersecurity measures;
- Implementing the latest solutions in technology;
- Upholding a highly regulated platform to the highest standard in regulation;
- Insuring clients’ funds, encrypting all key facets, and protecting customer data.
Therefore, Coinbase is safe and secure to engage with digital assets for both retail and institutional investors.