Have you ever heard people say "Not your keys, not your bitcoin"?

It means that if you are not in control of the private keys that allow your bitcoin to be spent, you are not in control of your own bitcoin. This is true for all cryptocurrencies.

In this video, Andreas Antonopoulos, one of the world's top bitcoin and open blockchain experts, makes the case for controlling your bitcoin private keys:

Andreas Antonopoulos explains how to secure your bitcoin.

How do you know if you control your bitcoin private keys?

If you have a bitcoin wallet on your smartphone or a hardware wallet where you were asked to write down a 12 or 24-word seed phrase for backup, you are most likely in control of your private keys.

This is not true if those words were spied on by someone else sometime during or after their creation. If you're at all involved in crypto, the first thing you need to learn is to practice good cybersecurity.

Your seed phrase is used to generate the public and private keys that allow you to send and receive your funds from one wallet to another. This holds the keys that control your bitcoin.

When are you *not* in control of your private keys?

While it might be a little strange to hear this from us, you should know that when you buy bitcoin on an exchange like Shakepay, you are using a hosted wallet and are not in control of your digital currency’s private keys.

This allows you to conveniently buy/sell and send/receive cryptocurrency but it also means that you are trusting us to be the custodian of your funds.

Rest assured, Shakepay implements the highest standard in security practices when handling customer funds. To give you an idea, the majority of customer funds are held in an air-gapped cold storage system. Only a small portion of funds are held in our online hot wallet, available for immediate withdrawals.

Private keys are generated offline using hardware security modules and are stored in different physical locations to eliminate single points of failure. Any fund transfer from the cold wallet requires the coordinated actions of multiple employees.

Smart bitcoiners will tell you to be skeptical

In the past, many bitcoiners have lost their funds in poorly managed exchanges.

They will tell you to never any keep funds on exchanges β€” especially if you are holding for the long term.

The absolute best practice for long-term storage or even the short-to-medium-term storage of any large amount of cryptocurrency is to only trust yourself and your own systems for securing your bitcoin.

Advice from the 1990s sci-fi TV show, "The X-Files". 

We encourage customers to keep their crypto in their own private wallets for maximum security

When storing your funds on an exchange, you are risking that someone else will gain access to your account with your username and password β€” information that can be hacked, stolen, and intercepted from your various computing devices.

Jennifer Leigh's excellent Cryptocurrency Security Guide.
"Be your own bank. Be your own security."

Bitcoin allows you to "be your own bank", but when you are a bank, you also have to think about the security needs of a bank: privacy, physical security, and information security.

It's scary to think about, but once funds are lost in a decentralized network like Bitcoin, there is no central authority that can help to reverse a transaction.

To reduce the risks of someone stealing your cryptocurrency, Shakepay has built security features like our app PIN lock, e-mail confirmations for withdrawals, login notifications, and 2-Factor Authentication for all account logins.

Shakepay offers e-mail confirmations and PIN codes to reduce the chance of unauthorized withdrawals.

You'll have to keep your account password safe, protect your phone in the physical world, and lock down your e-mail for maximum protection (including making e-mail password resets very difficult for hackers).

Our recommendations

Invest in a hardware wallet for long-term storage

A hardware wallet is a special type of crypto wallet in the form of a mini-computer that broadcasts a signed transaction to your personal computer.

It generates and stores your private keys on its own secure chip in such a way where they will never be exposed to your computer or the internet from the device.

This means that your computer can be completely infected with viruses and hackers should still not be able to access your private keys.

There are three hardware wallet manufacturers that we can recommend:

1) Ledger wallets

Ledger hardware wallets, particularly their Ledger Nano S.

2) Trezor wallets

TREZOR hardware wallets, particularly the TREZOR ONE or TREZOR MODEL T.

3) Coinkite Coldcard wallets

The Coinkite Coldcard hardware wallet β€” recommended for advanced Bitcoiners and tinkerers alike.

Securing your hardware wallet

Your hardware wallet will ask you to write down your seed words for backup. These should be stored securely where others won't be able to find or access them.

Warning: We recommend that you always buy hardware wallets directly from the manufacturer's website so that you don't receive a wallet with a pre-generated seed.

Ledger has made this handy guide on how to check that your device is genuine.

Always make sure your wallet asks you to generate your own 12 or 24-word seed when you receive it, and don't trust any device that comes with a pre-generated seed.

You should also never enter your recovery seed on any device connected to the internet (your computer, a phone, or any kind of cloud service) or it could be intercepted by a hacker.

For maximum security, don't keep a large amount of funds in an exchange hosted wallet

There is definitely a convenience factor to keeping funds in a hosted wallet.

You might want them there for trading, making exchanges, or sending and receiving funds with friends, like with our peer-to-peer transfers in Shakepay.

Still, we always recommend that our customers keep large amounts of funds on their hardware wallets for maximum security.