Store the private key of your virtual currency offline

Keeping them at a secure offline location guards you against the risk of hacking and malware attacks

Bitcoin, the biggest cryptocurrency by market cap, has been making news for rapidly breaking new price barriers. Even as more investors join the cryptocurrency bandwagon, the latter are also attracting attention from hackers. NiceHash, a Slovenian cryptocurrency mining marketplace, recently lost about $64 million worth of bitcoins in a hack. Last week, the Reserve Bank of India (RBI) also reiterated its warning to the public about cryptocurrencies. Besides highlighting the risks from price volatility and the absence of a regulator, the central bank also referred to the risk of losses due to hacking, malware attacks and loss of passwords. Indian investors joining the cryptocurrency gold rush need to take steps to safeguard themselves against these security risks. 

Your cryptocurrency has a pair of keys: The public key and the private key. The security of these virtual holdings depends on how well you safeguard the private key. “Think of it as a very long and complicated password. To prove that you own a portion of the blockchain, you need the private key which authorises transactions,” says Udbhav Tiwari, policy officer at the Centre for Internet and Society, Bengaluru. If you lose the private key, you lose your cryptocurrencies and there is no way to identify who stole them (they are as anonymous as cash).  

If you own only a few cryptocurrencies, you may store them with the exchange or with an online wallet. But as the number of your holdings grow, it is prudent to keep them in your own custody. One option is to store them in a personal wallet on your computer. This wallet will encrypt the key and can only be retrieved using a password. Two types of personal wallets are available: Open-source and closed-source. “Store your cryptocurrencies in an open-source wallet. A lot of people have seen the source code of the open-source wallet and tested it. So there is a lesser chance that it may have a malicious code or a loophole. A closed-source wallet could have a loophole that the developer has left in it,” says Sreekanth G S, chief operating officer, Coinome, a cryptocurrency exchange. 

 

If you have stored your private key on your desktop, laptop or mobile phone, you also need to protect yourself against malware attacks. “The best way to do so is to have the most updated anti-virus software or application installed on your desktop, laptop and phone. Also, never click on links from unknown and unreliable sources as they could be phishing or spam links. Don’t respond to junk emails and don’t download applications from untrusted sources on your devices,” says Rakesh Yadav, chief technology officer and co-founder, Koinex, a cryptocurrency exchange.

Some degree of threat, however, remains so long as you store your private key digitally. To secure yourself further, print the private key on a piece of paper and place it in your bank locker. Unless someone breaks into the locker, your cryptocurrencies are safe. An even safer option for storing it offline is to keep it in what is called a hardware token. This is a storage device that encrypts and stores content, and can only be accessed using a PIN, fingerprint or some other form of authorisation. The hardware token may then be stored securely at home or in your bank locker. Sometimes, users also lose their bitcoins because they store their private key at some place and then forget where they kept it. No less a person than Elon Musk has admitted to this lapse. “Users need to store their private keys securely at multiple locations, and make sure nobody knows where they are stored,” Yadav says.