Coinbase Rolls Out Extensive Security Update

Coinbase has added several new security features designed to make its cold storage business even safer.

AccessTimeIconJan 15, 2014 at 7:32 p.m. UTC
Updated Sep 11, 2021 at 10:16 a.m. UTC
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Coinbase has announced the addition of several new security features designed to make its cold storage business even safer.

Over the past few months the company has spent time and resources implementing the new measures and increasing the percentage of coins held offline.

Key Splitting, more cold storage

is now using a new “key splitting” scheme – distributing shared pieces of security keys to safe deposit boxes and vaults around the world.

This means that key holders are never located in the same geographical area. So, theoretically, there cannot be a “single point” of failure.

This is not exactly a new idea. Similar schemes have been used to safeguard nuclear weapons against accidental launch for decades and they work flawlessly, otherwise there would be nobody around at this moment to read this very article.

's approach also ensures all keys are protected against loss, as all data is backed up with redundancy. The move also sees Coinbase increase the overall percentage of bitcoins it currently stores offline. Until now Coinbase stored approximately 90% of its funds offline, but now the number is closer to 97%.

Of course, the actual amount changes each day, depending on how many users deposit or withdraw their bitcoins.

Two-factor authentication

Coinbaselogo
Coinbaselogo

Since most Coinbase users already have a phone integrated in their account, the addition of two-factor authentication comes as no surprise.

Two-factor authentication requires users to enter a verification code from their phones along with their regular password. Needless to say, this approach bolsters security even if users chose to make transactions from various computers accessible by others.

If a user chooses to send more than a certain amount (which can be set to different thresholds) out of their account, two-factor authentication will be required. Two-factor authentication will be required for any transaction over the threshold. This approach should allow users to make micro-transactions with relative ease, whilst adding another layer of security to larger transactions.

Two-factor authentication will also be deployed by the company to safeguard other sensitive actions. Coinbase's blog post revealed:

"We have also added two-factor around various other actions on Coinbase, including recurring sends, API key actions, password changes, phone changes, Google Authenticator changes and SMS pin number changes."

It is worth noting that two-factor authentication does not apply to Coinbase access via the API key or OAuth.

Coinbase has also overhauled its activities page, allowing users to keep track of open sessions, account activity and session history with relative ease.

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.


Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.