How Luno keeps your cryptocurrencies safe
Our number one priority is to keep your cryptocurrency safe and secure. Our engineering team lives and breathes this, day in and day out because we aim to be the most secure way for you to buy, store and learn about cryptocurrencies.
The key to crypto
Managing your keys is an important part of keeping your account safe. The same applies to cryptocurrencies. Cryptocurrencies use cryptography to secure access.
Public-key cryptography works like a post box (where the post box is your crypto wallet). Anyone with your post box address can mail money to you, but the only way to spend the money inside that post box is to have the key to open it.
In crypto terms, this is often referred to as a private key. Each key has a corresponding wallet address. Without it, no one is capable of accessing the cryptocurrency in your wallet. So it's (really, really) important to keep private keys safe from being lost, or stolen.
You’re able to keep your crypto wallet private keys on your computer. However, this is similar to hiding money under your mattress rather than at a bank. Unfortunately, most people do not fully understand the risks associated with self-storage. In the majority of cases, it’s safer to trust a secure cryptocurrency storage service provider, like Luno.
Six questions to ask before signing up for a cryptocurrency exchange
- Do I trust the team building the product or service?
- Do they understand and implement secure key storage?
- Do they have a strong technical and engineering background?
- Do they have security features like two-factor authentication or integration with security partners?
- Do they undergo regular security and financial audits?
- Do world-class investors back the company?
When choosing who to trust with the safety of your cryptocurrency, remember to do your research about the company. If the answers to the above questions aren’t readily available for you to access, search for a company that is more transparent.
The two secure methods for storing cryptocurrency
Storing crypto on a computer without connection to the internet is known as cold storage. This makes the keys secure, but difficult to access.
Cryptocurrency wallet keys stored on a server connected to the internet is known as a hot wallet. This is easy to access but is less secure.
We go a step further in keeping your cryptocurrency secure
The majority of your keys are kept in physical bank vaults, inside safety deposit boxes. We call this our "deep freeze" storage solution. It features processes and procedures to maximise safety like:
- Deep-freeze keys are "multi-sig" keys, meaning that multiple keys always need to be present to authorise a Bitcoin or Ethereum transaction. It’s a bit like a bank vault that requires multiple keys to be turned at the same time before it can be unlocked.
- Only specific individuals have access to the safety deposit boxes, and the same person does not have access to more than one safety deposit box.
- Private keys in the safety deposit box are encrypted, making it impossible for a bank employee to steal the key.
Our deep-freeze storage is purposefully difficult to access. So for our day-to-day operations, a small percentage of cryptocurrencies are kept in a combined-strategy system, using offline cold storage and an online hot wallet. This allows us to ensure we always have Bitcoin and Ethereum available during the day while leaving a majority of cryptocurrency safely offline.
In addition to our internal security measures, we have also integrated a co-signing partner as our hot wallet co-signing service. The only way to spend Bitcoin or Ethereum from our hot wallet is if both Luno, and our partner, authorise the transaction using multi-sig keys. They also provide us with additional security measures like daily and lifetime key spend limits.
A security measure we regularly encourage you to use is two-factor authentication (or “2FA”). This adds an additional layer of security to your account. We do as much as we can to keep your cryptocurrencies safe and secure; however, it’s important for you to understand the ways you can contribute to your account safety.
And if you’re still not sure, let us know your concerns and we’ll get you more information specific to you.