Cryptocurrencies: 2788 / Markets: 19401 Market Cap: 24h Vol:
1 week ago

Cryptocurrency exchanges- Meaning, Functions and Security issues

The growth of cryptocurrency has largely been enabled by cryptocurrency exchanges. Wikipedia describes a cryptocurrency exchange platform whose business allows customers to trade cryptocurrencies or digital currencies for other assets, such as conventional fiat money or other digital currencies. It was first referred to as digital currency exchange (DCE) but is now more widely known as the former term.

A crypto exchange can be likened to the traditional stock exchange where traders can opt to buy and sell bitcoin (for instance) by inputting either a market order or a limit order. The trader is then able to authorize the exchange to trade his coins for the best available price in the online marketplace after a market order is selected. For the case of a limit order, said trader can direct the exchange to trade coins for a price below the current ask or above the current bid, depending on whether s/he is buying or selling; this is very similar to the regular stock exchanges.The options and functions of crypto exchanges vary based on the founders' choice. There are some tailored for traders and others are built to address prompt crypto-fiat exchange. Like how trader focused Crypto exchanges allow users to buy crypto and sell them with lower commission fees but may not be the case on crypto-to-fiat exchanges. Amongst the common functions of cryptocurrency exchanges are: setting the rate of the currencies (coins and tokens). There are several factors that can affect the price of cryptos but these rates are derived via the actions of sellers and buyers. Another function is being a market maker; exchanges typically takes the bids from sellers and matches them the buyer when an agreement is reached. Since they act as a matching platform for buyers with sellers, they receive fiat, cryptos and issue IOUs for customers.

All functions and options have different terms and fees that accrue. Transaction fees that are applied to each completed buy and sell order carried out within the exchange exist. The fee rate is dependent on the volume of bitcoin transactions that is conducted. An instance, a renowned crypto exchange 'A' has its rate ranging from 0 to 0.25%, and another exchange 'B' has fees range from 0 to 0.30% on the amount of a sale. For some, these fees are borne by the sellers while others may be for both parties. 

It is important to note that a crypto exchange is not a crypto wallet. The former as explained above offers a platform for transacting, while the latter is simply a digital storage service that holds user coins securely. Some exchanges have their indigenous wallets where digital assets can be kept (they may charge a fee for this service type as well) while others may allow select outsourced wallets for storage. Wallets actually store keys that authorize transactions and access cryptos tied to an address (in a more technical explanation). However, some crypto exchanges in existence are decentralized like Etherdelta, IDEX and HADAX hence they do not store users' funds on the exchange, but only facilitate peer-to-peer cryptocurrency trading. Going by the nature of the first cryptocurrency to be created, bitcoin (Bitcoin is decentralized), many digital currency exchanges were created specifically for the exchange of decentralized cryptocurrencies. Also, Crypto exchanges differ from a stock exchange in that traders buy and sell assets (like shares, bonds) in order to profit from their changing rates, but traders use cryptocurrency pairs to profit from the highly volatile currency rates on crypto exchanges.

For a user to get started on an exchange, one has to go through registration and series of verification processes to authenticate an identity. Upon successful authentication, one then owns an account with the selected exchange and can then fund such account to purchase an asset into it. There are different payment methods that can be used for depositing funds ranging from bank wires to direct bank transfers, credit or debit cards, bank drafts, money orders, and even gift cards. Making deposits and withdrawals attract fees too, depending on the payment method chosen to transfer funds.

Security Issues- How secure are Crypto exchanges?

According to research, the combined monthly trading volume of the largest crypto-exchanges exceeds hundreds of billions US dollars and that has to be sweet smelling savor that draws cybercriminals. Digital thieves have stolen millions of dollars’ worth of cryptocurrency from various exchanges over time. In the first half of this year alone, about 7 Crypto exchanges have been hacked to the tune of millions of dollars.

Security problems that affect other exchanges, do not affect the decentralized exchange category mentioned earlier but a pattern of as of low trading volumes has been seen in those exchanges from mid-2018. Mt. Gox, was once the largest crypto exchange in early 2014 but the records a large theft of Bitcoins that were stolen straight out of the Mt. Gox hot wallet over time (starting in 2011) caused their downfall. The company suspended trading, closed its website and exchange service then filed for bankruptcy protection in Japan from creditors. By April 2014, they had begun liquidation proceedings as they couldn't recover from the theft. From the past six months, there's been the Bitrue hack, Binance hack, and most recently GateHub hack amongst others.

Despite the different regulations from country to country, there is no full protection for loss of crypto assets. The security of exchanges cannot be overemphasized, even if attempted hacks or actual hacks are always a possibility, combined measures can keep digital assets safe. Crypto exchanges are somewhat safe and secure but there's no harm in 'upping' your security game to curb breaches. 

There are crucial aspects that if checked, assure people and even make the cyber thieves attempt and fail. From a study in 2018, it was derived that most exchanges use some or all and even more of the following parameters for the security of the user account, Domain & Registrar Security, Web Security to be ensured. For account security, a check for errors in the content of the exchange code, which could lead to malfunctions in the application, availability of 2FA, ability to create a strong password and Confirmation of actions on the stock exchange through the mail is needed. The domain and registry security and Web Security had these checked in different exchanges for the referenced study:

● The Registry lock is a special flag in the registry (not your registrar) that prevents anyone from making changes to your domain without out-of-band communication with the registry.

● Security-conscious organizations avoid leaking this kind of private information by using role accounts to register their domain names. Role accounts protect individuals in your organization from being targeted by attackers.

● We recommend at least a 6-month expiration window for high profile domains. This is enough leeway to deal with unforeseen complications, such as an employee owning the domain leaving the company (again, this is a good reason to use Role Accounts).

● DNSSEC eliminates the threat of DNS cache poisoning by authenticating all DNS queries with cryptographic signatures. Instead of blindly caching DNS records, DNS servers will reject unauthenticated responses. Also, The HTTP Strict-Transport-Security response header (HSTS)that lets browsers know it should only be accessed using HTTPS and not HTTP.

● Clickjacking attack protection- A malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on.

● Drive-by Download attack protection -An unintended download of computer software from the Internet.

● Man-in-the-middle (MITM) attack protection- Attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

● POODLE attack protection- An exploit that takes advantage of the way some browsers deal with encryption.

● Heartbleed attack protection- Leads to a leak of memory contents from the server to the client and from the client to the server.

● Robot vulnerability protection

Based on statistics & general rating drawn from the study, many exchanges are not protected from most attacks leaving them vulnerable. All exchanges were protected from POODLE, Heartbleed and MITM attacks, Only 37% of exchanges have HSTS header. Only 16% of exchanges were protected from Clickjacking attacks, DoS attacks although 1%  of exchanges were not protected from Robot vulnerability. The keynote here is that all measures, when combined will ensure optimum security and protect exchanges from security breach. Then again there's no investment without its risks. Users have the responsibility to choose reliable and verified exchanges to register with and make only informed decisions regarding picking an exchange. In other words, invest in reliable assets, diversify your portfolio and choose good crypto exchanges. 

The largest cryptocurrency exchanges based on the volume and estimated revenues data collected according to a report in 2018, the top three cryptocurrency exchanges are Binance, Huobi, and OKEX. As of now, in no particular, the top 10 worldwide are Binance  MLT Upbit  ROK, Huobi  SIN, Bittrex  USA, Bithumb  KOR, OKEx  MLT, Bitfinex  HK, Coinbase  USA, Bitstamp  GBR and Kraken  USA.

READ MORE

How do people benefit from Trading Bitcoins?

A joint call by U.S. Lawmakers to halt Facebook’s Libra Project

What are the Top 20 Cryptocurrencies and What makes them stand out?

New Blockchain Initiative distinct From Ongoing IBM Project; Nestle

Can Regulation Help Cryptocurrency Mature?

Facebook reportedly talking with Binance to get on board the Libra Project

Chainlink Trading to be enabled on Coinbase Pro

The track record for Bitcoin's Surge in Q2 Leading to the new 2019 High.

Facebook Continues its Hiring spree for New Crypto Team; Finance Lead

US Lawmakers call for Hearings that may temporarily halt Facebook’s Libra project

 

 

Credits- JAKE FRANKENFIELD, Kira Egorova, Joseph Young

Anita O.

Lover of tech and blockchain.

Get Crypto Newsletter