The digital asset industry needs to move away from its obsession with storing wealth in the right kind of wallet – hot or cold – and instead engage a secure digital custody service.
From Mt Gox to QuadrigaCX, and now Bithumb too, the digital asset industry has been plagued by security issues, with $865 million worth of cryptocurrency stolen from storage and exchanges in 2018 alone.
Storing assets on exchanges, or assuming responsibility for private keys to hot and cold wallets has proven time and again to be a risk not worth taking
To explain why entrusting digital assets to a regulated custody solution, meet Vincent Chok, Founder & Group CEO of Legacy Trust, a Hong Kong-licensed trust company that offers institutional-grade custody for digital assets, and Demetrios Skalkotos, Global Head of Ledger Vault, a licensed hardware wallet provider.
Vincent Chok, Founder & Group CEO of Legacy Trust
On the greatest security challenges facing users he said:
“When criminals are unable to access the assets stored in cold wallets, they revert to more traditional methods of theft, like phishing or physical theft.”
“Cold wallets are as secure as users let them be: if they aren’t used properly, they won’t offer a complete security solution. Recent losses made by exchanges have shown that often funds that are promised to be kept in cold wallets are, in fact, not. Without proper policies or policing, user’s digital assets are being lost to exit scams or exchange hacks because inexperienced custodians are not adequately prepared to safeguard these assets.”
On the role of custodianship in the digital asset space he said:
“For a decentralized space, it is concerning how centralized user data and digital assets are when all kept in the same exchanges or hot wallets.”
“The future of digital assets will rely on specialization and separation. As the industry develops, so must the number of solutions meeting the needs of users. Think of what goes into building a house: there are surveyors, builders, plumbers, electricians and others who contribute to completing a home. Multiple highly-trained specialists are needed to create the final product safely and compliantly. Similarly, in digital assets, it makes sense to seek secure storage solutions from the experts, who already have the knowledge, rather than keep it in-house..”
“An independent custodian solution offers an unparalleled level of security, especially when you consider that many are regulated and have to adhere to strict compliance standards that protect customer assets. Custody providers have spent decades investing in technologically-sound storage solutions, so it makes sense to trust that expertise.”
Demetrios Skalkotos, Global Head of Ledger Vault
On the evolution of the digital asset industry he said:
“As the digital asset industry matures and is embraced by mainstream financial institutions, we have to remember that keeping crypto secure is still a major issue. There must be an increased focus on the security solutions being developed to prevent the next major enterprise-level hack.”
“For crypto to achieve mainstream adoption, security needs to be addressed at the enterprise level. The security that hardware wallets provide for individuals must be scaled for enterprises and exchanges to provide investors with peace of mind that their assets are secure.”
On the digital asset threat landscape he said:
“The need for a digital security ecosystem is greater than ever: we’re connected to the internet by numerous endpoints, giving hackers many targets. Protecting critical digital assets — from home security systems to medical devices, to bitcoin— will become increasingly more difficult.”
“Mt. Gox might have been about digital assets, but it represents a larger issue of security as more devices move online. As digital resilience becomes even more important, an organization’s entire digital ecosystem must be secured – from individual investments to enterprise-level custody solutions, to all IoT-connected critical digital assets.”
On how to properly secure digital assets he said:
“With Vault, in the hands of each administrator or operator, a Personal Security Device is used to interact with the platform. On the back-end, a Hardware Security Module (HSM) is executing the sensitive operations, such as checking governance rules and signing transactions.”
“All critical communications between the PSDs and the platform go through a secure channel providing strong protection against potential man-in-the-middle attacks.”