Is Coinbase safe to store crypto?

Is Coinbase safe to store crypto

About Coinbase

Coinbase is among the most popular cryptocurrency brokers in the crypto industry. The company was founded in 2012 as part of Y Combinator – an American seed company startup accelerator. It began as a simple Bitcoin brokerage service – selling Bitcoin directly to customers. The exchange would later grow to one of the largest cryptocurrency exchanges in liquidity. In this article we will talk about if “is COinbase safe to store crypto”.

Coinbase Products

  • Coinbase cryptocurrency brokerage service
  • Coinbase Pro
  • Coinbase Prime
  • Coinbase Card

The cryptocurrency brokerage service is tailored for retail customers and has an easy-to-use platform.

Coinbase Pro is a professional trading platform that provides trading tools such as charting software trading indicators, live order book, and merging trading with up to 3 times leverage.

The most recent product on the list is Coinbase Prime, which responds to the needs of institutions. The platform accommodates the growing demand from clientele as more people join the crypto space. The company is designed with fund managers, endowments, hedge funds, and sovereign wealth funds. Coinbase Prime creates access to deep liquidity pools.

Coinbase Trustability

Many exchanges are currently available in the crypto market. They platforms differ in fee factors such as security, fee structure, and ease of use. However, Coinbase is one of the few exchanges that stands out as the most trusted exchanges in the market, considering all the significant factors.

Currently, the exchange has approximately 89 million verified users. It also has about 11,000 institutional users and 185,000 ecosystem partners in over 100 countries. The exchange has more than 3700 employees. It has $278 billion assets on platforms and registers $547 billion quarterly volume traded.

About Coinbase. (Source: Coinbase)

Coinbase is highly credible. It is one of the only four exchanges with the license to operate in New York. The platform adheres to strict KYC (Know Your Customer) rules and complies with regulations and statutes. It is also well insured – carrying crime insurance protects part of users’ digital assets that the exchange holds against losses from theft and cybersecurity breaches.

Hack History

In 2018, Coinbase launched Coinbase Custody, which offers clients access to secure, institutional-grade cold storage. The custody provider is an independent, NYDFS-regulated entity built on the crypto-first DNA of Coinbase. It offers reliable crypto storage solutions. Additionally, Coinbase has insurance for users’ funds against theft or hacking.

The robust security system the broker has put in place proves a bulwark to attackers who want to steal assets directly from the custody. The attackers instead get around the system by stealing digital assets through phishing attempts through social media and other methods. For example, in July 2020, Coinbase stopped an attempt to steal more than $280,000 from over 1,100 unsuspecting customers during a Twitter hack.

coinbase multifactor authentication glitch
The multifactor authentication glitch affected 6,000 Coinbase users (Source: Threatpost)

However, in October 2021, hackers exploited a multi-factor authentication vulnerability to access and steal cryptocurrency from approximately 6,000 Coinbase users. Additionally, a large-scale fishing effort targeted exchange users between March and May 2021. Cyber attackers sent fraudulent emails to customers to reveal their usernames and passwords upon clicking. Additionally, there was a vulnerability that compromised users with multi-factor authentication. According to Coinbase, the cyber attackers exploited a flaw in the exchange’s SMS Account recovery procedure (PDF) to carry out the attack. The hackers could divert the two-factor authentication (2FA) meant for the account owner’s phone.

The Risk of Using Coinbase

Coinbase users face risks common to trading platforms. Here are some of them:

Cybersecurity threats

Cybercriminals are ever targeting cryptocurrency exchanges since they hold many funds. Additionally, since Coinbase is a custodian wallet, there remains a possibility of users’ personal information or holding ending up in the hands of unauthorized parties. Users are also at risk of losing their credentials through phishing fraud to a cybersecurity breach.


Cryptocurrency is still facing regulatory challenges from various regulatory authorities and international authorities. For example, in the United States, regulations concerning digital currencies are still in the air. However, some rules may soon set in, which may have a big impact on cryptocurrency investors.

Digital currency risks

Users also face risks associated with the nature of cryptocurrencies. Digital tokens are inherently volatile. One can buy crypto, and it plunges in value the next day. Users, especially budding crypto investors, should consider this factor.

Key Security Features

Coinbase employs many security features to create a safe environment for storing and transacting digital tokens.

ID Verification

Coinbase is compliant with Know-Your-Customer (KYC) and Anti Money Laundering) policies set by the international regulatory bodies. The KYC process required identity verification to confirm that a customer is who they say they are. Sometimes the verification includes address verification.

KYC ensures that no one can use the account anonymously hence preventing the creation of fraudulent accounts or multiple accounts. The accounts of any user who has not verified their identity are restricted. The KYC verification process approves honest customers and prevents dishonest people from the platform.

coinbase ID verification
Coinbase requires customers to verify their ID in compliance with KYC requirements (Source: Medium)

The verification is one of the main features that makes Coinbase a safe trading platform. However, a lack of anonymity challenges user privacy, which may be an issue for some users.

Additionally, some users point out the lengthy signing-up process as a challenge. Nonetheless, the additional verification steps only reinforce the exchange’s aim of having genuine users.

Use of Cold Storage

Generally, custodian wallets (especially exchanges) are considered the least secure when ranking type of wallets in terms of security. However, some exchanges, such as Coinbase, provide one of the safest wallets for crypto holders. Despite being a hot wallet to the users, Coinbase holds 98% of its assets in offline cold storage. The exchange distributes the assets geographically in safe deposit boxes and volts across the world. Such storage provides a significant security measure against theft and loss.

coinbase storage system
Coinbase Storage System (Source: Coinbase)

Only 2% of Coinbase assets reside on the platform (hot storage) at any time. However, the exchange has insurance cover for any losses that might arise. Therefore, if a hacker manages to steal the assets from the platform, Coinbase will compensate the users. 

Coinbase, though FDIC insurance, covers users’ deposits up to $250,000 per account for U.S. customers with U.S. Dollar deposits.

The Wallet’s Security

All Coinbase wallets, addresses, and private keys are encrypted.

The exchange’s policy ensures that all sensitive data such as personally identifiable information (PII) that normally reside on the exchange platform’s servers are kept offline.   

The security procedure involves splitting personal data with redundancy, encrypting it under AES-256 encryption, and copying it to FIPS-140 drives and paper backups for redundancy. The copies are distributed geographically in safe deposit boxes and vaults. Coinbase also uses bcrypt to hash the account passwords before storing tokens to ensure safe purchases.

Other Security Features

Coinbase has other security measures that provide internal security to users’ accounts and funds.

First, the employees must pass a criminal background check before Coinbase hires them. Employees’ devices and services also use unique passwords and two-step verification. The exchange also requires its employees to encrypt their workstation hard drives, use strong passwords and enable screen locking.

Second, Coinbase encourages all its customers to use 2FA to protect their accounts. They provide three types of 2FA for this category. One of the categories involves phone/SMS, where a one-time passcode is sent to users any time they are signing into their accounts. Another category involves the TOTP authenticator, such as Google DUO, which provides time-sensitive random codes for the account login process. The third category is hardware keys, which are physical token devices that look like flash drives to provide additional authentication when signing in to the account. Such keys include Trezor and Ledger devices.

Cold storage promises safety to users’ funds, and Coinbase implements offline storage at different levels to ensure that users’ funds are safe. However, every user must ensure that their personal details are safely kept as it may prove a point of weakness that compromises the entire security structure. For example, a popular cold wallet company, Ledger, recently experienced an attack on its servers that revealed sensitive customer data how the cyber attackers.

Other Coinbase Trust Indicators

Other factors indicate the safety of Coinbase yet does not directly affect the security of the platform. They include the position that the company has taken in the industry. Here are some of such factors:

Coinbase is Publicly Traded

Coinbase went public on April 14, 2021, becoming the first U.S.-based crypto exchange to be publicly traded. It is listed in NASDAQ under the symbol COIN.

coinbase stock
Coinbase Stock (COIN) on NASDAQ (Source: Google Finance)

Coinbase’s listing on the NASDAQ provides benefits to the platform. Companies listed on reputable stock exchanges such as NYSE and NASDAQ must meet specific financial positions, management, and regulatory requirements.

The listing on NASDAQ allows Coinbase to enjoy enhanced visibility, transparency, and trust among the trader. It gives Coinbase credibility.

Institutional Crypto Deals

Besides helping individual investors and crypto holders store and trade their assets, Coinbase also facilitates institutional cryptocurrency purchases. It has worked with companies such as Tesla and MicroStrategy, aiding them to have a smooth entry into the crypto market. Additionally, other deep-pocketed corporate clients are beginning to seek the platform’s services for institutional trades. The exchange has more than five Fortune 500 firms as its client.

Such a profile indicates how reputable companies trust Coinbase with their money. Currently, the platform has more than 7,000 institutional investors using the company’s services. The platform has earned such trust due to its good records with clients’ assets.


Coinbase is expanding its influence through sponsorship deals. In April 2021, the exchange secured a shirt sponsorship deal for Esports, Evil Geniuses. In October, Coinbase became the first cryptocurrency company to sponsor NBA.

NBA signs coinbase
NBA signs Coinbase as league’s first crypto sponsor (Source: Sports Business Journal)

Coinbase also secured commercial links with reputable businesses like Apple, PayPal, and Google. Google and Apple applications support payments using Coinbase branded debit cards. Users can also add the Coinbase Card to their digital Wallets, the Apple Wallet, Google Pa, and Coinbase apps. Such partnerships bring credibility to the exchange.

Keeping Coinbase Account Safe

Even though Coinbase may offer some of the best security features, it is important to remember that security is shared res. The danger may still lurk on the part of users. Therefore, they must learn to use Coinbase safely to avoid becoming the point of weakness to the entire system. Here are some of the practices that can help you keep your digital assets safe:

  • Use a strong password – long, random, and unique.
  • Activate two-step verification
  • Secure your email account – regularly check if your email is compromised, and take basic precautions to identify unauthorized recovery emails or phone numbers. In addition, avoid clicking links on suspicious emails to avoid phishing.  
  • Keep your email account secure – protect your phone against unauthorized SIM swap or phone port attacks.
  • Update and clean your device frequently to avoid Keyloggers, remote access Trojans, and cookie-stealing malware threats.
  • Always verify recent activities, and see if there are any suspicious or unusual activities.

Wrap Up

Coinbase remains one of the largest and most popular cryptocurrency brokers. In terms of safety, using the exchange puts users at no more risk than using any other reputable platform out there. It provides robust security features that limit any chance of cyberattack. However, the security of such users’ assets in such platforms is a shared responsibility. As a user, you can play your part to ensure that your funds are secured by creating hard-to-crack passwords and adopting security-based email practices.

 In addition, while there are risks associated with investing in cryptocurrency, users can research the market and the tokens they what to invest in to avoid losing their money.

The Home Bankers' Club