Digital currencies and securities

This chapter discusses the security aspects of storing and handling digital currencies and securities like Bitcoin.

Digital currency services are especially attractive cybercrime targets. Digital currency transactions are anonymous, non-reversible and non-traceable. This makes stealing, laundering and liquidating digital currencies very easy for criminals. The non-reversable transaction mechanism complicates attacks, as often the services can neither chargeback lost assets nor reimburse customer losses.

Traditional credit card, debit card and wire transfer-backed transaction mechanisms are more merciful. Such transactions can be reversed, making it harder to liquidate stolen assets. Anti-money-laundering regulation ensures that it is not possible to move assets without leaving a trace for investigation. Furthermore, the institutions issuing cards and bank accounts have mechanisms to address fraud, co-operate with police and insure funds. For example, the compromise of an e-commerce site poses relatively little risk to its owners and customers unless the site was maintaining a balance in digital currencies.

Thus, services dealing with digital currencies and securities should approach security matters with tremendous seriousness. History shows that companies possessing millions of dollars of funding to address security still fail in basic execution (Bitstamp, Bitpay).