Guide to Crypto-Currencies Part 8 – Security Issues


In the last instalment, we looked at the problems that the price volatility of bitcoin could cause if it were to be more widely adopted as a mainstream currency, as well as some potential solutions. However, there is a bigger problem that could hamper its adoption by the mainstream, but even by the niche markets that it currently serves – security.

For those that are using bitcoin for illegal purposes – buying drugs online, or evading taxes – the anonymity of bitcoin transactions could be considered a security plus. This, however, is counterbalanced by the strong possibility that your bitcoins could go missing, leaving you out of pocket.

For people that are using them for other purposes, the anonymity itself presents a huge security risk. For example, if you buy something with a credit card, you have a legally-usable paper trail of transactions that you can use if a transaction goes awry. With bitcoin, every transaction is logged on the block chain, but the identities of the parties involved is not.

The latter problem can be quite easily compensated for by the creation of external paper trails between vendors and consumers, such as receipts and invoices. The former issue, on the other hand, is one that poses a serious long-term threat to the viability of crypto-currencies – namely sophisticated cyber-theft.

Some have argued that digital currencies will never be truly immune from cyber-fraud – that the arms race between hackers and those responsible for the security of digital currencies will never end, in a similar fashion to the battle between virus-creators and anti-virus programmers. And the more that virtual currencies are adopted by the public, the greater the prize will be for successful hackers – thereby justifying the extra effort that would be required to overcome increasingly-sophisticated security systems.

Cash vs Computers

If cash is stolen, it is difficult to trace it and/or recover it, and this is why people tend to avoid keeping the majority of their wealth in the form of physical banknotes. However, at least cash has to be physically removed before it can be spent. On the other hand, a bitcoin key is pure information, and this can be a difficult thing to keep secret even with the best will in the world. Also, most users will tend to treat all forms of electronic payment in much the same way, without necessarily adhering strictly to security protocols.

Needless to say, any currency that is intrinsically vulnerable to theft on a large scale is going to be onto a loser with the general public, and this is where bitcoin currently finds itself. Earlier this year, the biggest bitcoin exchange Mt.Gox was forced to close after $4.5 million worth of bitcoins went missing from its servers. Similar security breaches at other sites using bitcoin only added fuel to the fire, and since then bitcoin has been on a price downtrend as investor confidence in it has ebbed away.

Yet, there is some light at the end of the tunnel. Banks have been storing wealth electronically for decades now, with relatively few incidences of large-scale cyber-theft. The secret has been to firewall the data so that it can’t be accessed by remote computers, and this has meant centralised storage and approval.

This is a model that could have applications for a de-centralised currency system, and at the moment, bitcoin wallets are stored mainly in the hard drives of computers. This presents an inherent security risk, as computers – particularly PCs – are constantly bombarded with spyware, malware, and viruses.

Smartphones as Wallets?

One alternative is to store the wallet locally on a smartphone, and purely from the standpoint of digital security, this makes a lot more sense. According to Kevin McNamee of Kindsight Security Labs, the mobile malware infection rate is only 0.6%, compared to 10% of residential machines. On the other hand, you’re much more likely to lose your phone than you are to lose your PC – so we’re back to square one.

As a result, most end users have ended up using their digital wallets much like real wallets – they won’t carry much cash around in them, just in case it gets lost or stolen. One potential solution to this is to back up your encrypted bitcoin wallet to the cloud using an app such as Mycelium Bitcoin Wallet. But then, as soon as you have it online – even in encrypted form – you have compromised the security of it by making it remotely accessible.

Ultimately, the solution may lie in the form of dedicated hardware – a ‘bitcoin safe’ if you like, but the extra hassle involved with this may put most people off the idea. After all, the whole appeal of digital payments, for most people, is convenience, and if you get to the stage of installing a dedicated bitcoin safe in your home, you might well be tempted to look into alternatives that are a bit less of a hassle – such as paying with a good old-fashioned fiat currency using PayPal for example.

A lot depends on how many more security breaches there are involving bitcoins. Another bad news story like the Mt.Gox closure could spell the end for bitcoin, but if the security system can be adequately managed and cases of theft become increasingly rare, then the perception of the whole security issue could change. In the world of virtual currencies, perception is the most crucial element in terms of their credibility as a store of value.

Other articles in this series

Guide to Crypto-Currencies Part 1 – Introduction
Guide to Crypto-Currencies Part 2 – The Bitcoin Bubble
Guide to Crypto-Currencies Part 3 – How Bitcoins Work
Guide to Crypto-Currencies Part 4 – Bitcoin Mining
Guide to Crypto-Currencies Part 5 – Transactions
Guide to Crypto-Currencies Part 6 – The Problem(s) With Bitcoin
Guide to Crypto-Currencies Part 7 – Solutions to Volatility
Guide to Crypto-Currencies Part 9 – Bitcoin Alternatives
Guide to Crypto-Currencies Part 10 – The Future of Money?