Early bird prices are coming to an end soon... ⏰ Grab your tickets before January 17

This article was published on November 6, 2018

Researchers rank cryptocurrency exchanges by how secure they are

Kraken is apparently the safest, and cryptocurrency held there is the cheapest to insure


Researchers rank cryptocurrency exchanges by how secure they are

Prominent cyber-security firm Group-IB has graded the security of online cryptocurrency exchanges, as a means of assessing insurance risk. It found long-standing platform Kraken to be the most secure, with OKEx, Huobi Pro, and CoinCheck among the riskiest.

Alongside IT platform CryptoIns, Group-IB claims to have developed the world’s first assessment system for determining the insurance premiums required to adequately cover cryptocurrency kept on major exchanges.

Losses as a result of cyber-attacks on exchange software, theft, fraud, and illegal actions of crypto-exchange personnel are all apparently covered by the new cryptocurrency insurance policy.

Users across more than a dozen exchanges can now request their hodlings be financially protected by CryptoIns.

The framework weighs criteria like the level of technical security, the reliability of key storage, passwords, and personal data of customers provided by each exchange.

It also considers the quality of the individual risk management systems of each, and how rigid the know-your-customer (KYC) and anti-money-laundering (AML) procedures.

“In the first place, we assess how crypto exchanges deal with crypto and fiat assets: what are the exchanges assets keys’ storage and management procedures,” a Group-IB spokesperson told Hard Fork. “In some cases, with founders’ consent, the assessment includes penetration testing using social engineering methods aimed at the network compromise through the most vulnerable link at any organization – humans.”

The CryptoIns platform was developed by Swiss broker ASPIS SA, with Selecta Insurance & Reinsurance Company handling all insurance coverage.

Cryptocurrency on Kraken is the cheapest to insure

The insurance framework sorts cryptocurrency exchanges into four groups, in order of risk. Group-IB deemed exchanges in the first group to be the most secure, while considering the fourth group to be completely uninsurable.

The base insurance rate is 2.5 percent per quarter, with a discount applied depending on the group (with a maximum of 50 percent discount).

The only cryptocurrency exchange Group-IB deemed worthy of the most secure category is the long-serving Kraken. “According to our estimates, Kraken is the most secure exchange, with 1.25 percent insurance rate,” Group-IB told Hard Fork.

This means that for me to insure 1 BTC worth of cryptocurrency stored on Kraken, it would cost me 0.0125 BTC for 90-days worth of coverage.

The second group includes Bittrex and Coinbase Pro, with cryptocurrency kept on these exchanges demanding a 1.5 percent insurance premium for protection.

Digital assets on cryptocurrency exchanges Binance, Bitfinex, Bithumb, Bitmex, Localbitcoins, MyEtherWallet, and Poloniex were all assigned premiums of 1.9 percent, making this the most commonly assigned risk grading.

The least secure cryptocurrency exchange Group-IB analyzed was Yobit, which was removed from the list altogether just before going public with its insurance framework. Other excluded exchanges include Zaif, Bitstamp, TopBTC, and Bit-Z, the Group-IB spokesperson told Hard Fork.

Unfortunately, when pressed, neither Group-IB or CryptoIns were prepared to reveal the exact considerations made when labelling exchanges too risky to insure, stating that such information is confidential. 

The maximum amount of cryptocurrency users are able to be insure is the equivalent of 15 BTC ($96,000, at print time), with premiums payable in up to 100 different coins.

CryptoIns says it will issue insurance payouts in Bitcoin. Full-year coverage is also available, with the base premium costs increasing proportionally with the period of the coverage.

A representative also confirmed that those interested in covering their cryptocurrency will need to submit to KYC/AML procedures.

Get the TNW newsletter

Get the most important tech news in your inbox each week.