How to keep your Cryptos Safe?

This story was migrated from our old blog on medium.com, originally published on April 13th, 2021.

New Blog

This blog post first appeared first on old medium publication (https://medium.com/startuprad-io), and was moved to this blog with the relaunch of our website in summer 2024.

How to keep your Cryptos Safe?

Tune in to our Internet Radio Station here:

www.startup.radio

Subscribe Here

Find all options to subscribe to our newsletter, podcast, YouTube channel or listen to our internet radio station here:

linktr.ee

The Head of Security

In this interview, we walk to Alessandro Avagliano, the Head of Security and Infrastructure at Berlin-based crypto challenger bank Bitwala (https://www.linkedin.com/in/aavagliano/). Allesandro has been with companies like Sun Microsystems, Oracle, or Rocket Internet before, but joined Bitwala 2019 as head of security.

Affiliate Links

The Challenge

In this interview, we are talking about best practices on how to keep your cryptocurrencies and crypto-assets safe as a private investor. We talk about different levels of safekeeping and even have an idea how Elon Musk could keep his cryptos safe. You can learn more in the blog post here: https://www.bitwala.com/blog/knowledge/

Other Interview

We already published our interview with Bitwala’s founder in April 2020. We talk to Benjamin about his life, the idea behind Bitwala, and solve the secret behind its name. Learn more in this interview here:

www.startuprad.io

The Video Interview is set to go live on Tuesday, April 13th, 2021, at 17.00 CET

The Audio Interview

You can subscribe to our podcasts here

Further Readings

• Custodian https://www.investopedia.com/terms/c/custodian.asp

Feedback

Reach out to us, here is our audience survey, to give us feedback, suggest topics, interview partners or just to say “Hallo!” https://forms.gle/mLV6mVKwGwKuut8BA

The Interviewer

This interview was conducted by Jörn “Joe” Menninger, startup scout, founder and host of Startuprad.io. Reach out to him:

LinkedIn

Twitter

Email

Follow us

Instagram https://www.instagram.com/startuprad.io/

LinkedIn https://www.linkedin.com/company/4837115/

Twitter https://twitter.com/startuprad_io

Newsletter: https://startupradio.substack.com/subscribe

Keep Up to Date

Here is our publication calendar:

calendar.google.com

Automated Transcript

[0:00] Music.

[0:08] That I owe you were podcast and YouTube blog covering the German.

[0:13] Music.

[0:19] Hello and welcome everybody this is Joe from startupradio your startup podcast and eat the blog from Germany.Again with another guest here for you keep in mind we’re also the world’s first 24/7 internet radio station dedicated.Tech startups and tech companies learn more down here in the show notes and if you have done already make sure you hit the like And subscribebutton here for everybody you seen this on YouTube I’m sorry for the marks here on my forehead but it’s getting warm here in Germany I know who was wearing a baseball hat during my afternoon work and actually left so I left some remains herebut nonetheless I do have Alexander he would meet hey I eat in hello I’m going to do I’m doing good how you doing.

[1:08] I didn’t create thank you it’s a pleasure to have you here because you are actually the head of security at bitwala berlin-basedChallenger bank that offers swaps between fiat currency and cryptocurrencies right that’s correct yes.So let me first.Ask you outright How can any sane person be wanting to be the head of security in a crypt in a field related to cryptocurrencies I mean.It’s like sleeping in the middle of mine field isn’t it yes and it is and.When I actually when I decide to move up the bottom I’m of course in contact with other security practitioner in the industry and most friends asked me why you didn’t even do it that you crazyand yeah definitely I like Challenge andI’m not considering this impossible but I guess it’s extremely difficult and that’s one of the reasons why I decided to take this challenge.I see so you like challenges can you tell us a little bit about what like basics.Two.

[2:28] Understand in cryptocurrencies because for many people it’s like normal currencies you have them on your bank account and if you don’t Grant anyone access to your bank account everything’s totally fine but in cryptocurrencies it can be totally different becauseif you cryptocurrency is once gone it’s gone forever no getting back right.

[2:48] Yeah I would actually also questioned the fact that your money securing the bank in the sense that actually that money is guaranteed especially in Europe by you know by European skin so it’s guaranteed by a central bankup to a certain amount so that means that let’s say over a hundred thousand Euro you might not even may be sure that you know that those deposits are guaranteed.

[3:12] But yeah I would say on the on the crypto code inside you can see this from multiple perspective on one side you can say thatin certain situations you can control your own Finance so you can actually havemake sure that you know that your your money is under your control on the other side you might design to store part of this financing I don’t know in an exchange or let’s say 20 over the keys in our case we’ll company I work for is non custodian right nowthat means that the customer keep to keep the secrets to movetheir assets one of the downsides of this is that of course you need to make sure that those keys are stored in a safe place and in case you lose them you won’t be able to ask for example bitwala to recover this fundsso you will have to make sure that you you actually manage this correctly and that you can actually own personality.

[4:19] All the information that are necessary to move this fund so basically let us get some tipshow to keep your keys safe because I do believe if you display them in your in your living room it’s not most likely the most safe place rightand you have to make sure that you never ever like really lose it becausethat would be the problem then you can also not recover your cryptocurrencies right.

[4:50] Absolutely and so there are several ways to do it and it also of course it depends onon the risk it’s a security people they like to talk about risk and that’s something that every person should say soI for example I use I will not tell you there is one single solution for everybodyit depends on the amount of money you might design for example to so imagine for example that you have won the equivalent of 1 millionDollar in Bitcoinand you you probably don’t need to spend 1 million dollar every day right so you don’t need that kind of liquid in your pocket so it probably makes sense not to have that with you at every time you know and not to have the seed in a place or let’s say the secret thing a place where it can be recovered bypeople who might know that youI have so much money or that we might want to get this information from you so this is one first step soalso what we call operational security if you do have a good amount of big amount of liquidity you should probably make sure that.

[6:03] Protecting the least number of people know about that because there might be a situation in which you might be actually forced to endure over thisthe seeds or keys or even if not attending over to to do a transaction just because somebody might try to actuallyyou get older your funds personally speaking I think let’s say technically speaking I I considered that one of the best way toum to keep this pants is to save them on a wallet that you manage for which you only have two secret keys and the best possible way is for example a paper wallet.

[6:43] A paper will is still stored in a say you know in a place where that you can trust or maybe even shared among people that you trustMateen imagine having a seat that you split among people that you trusted they don’t even have to know about the existence of each other so you could speak your secret entry.And give it to your mother for example or your sister or your wife and.

[7:10] And make sure that they all the copy for you this is the most paranoid version of it.Yeah I really like this it cryptocurrencies you have to have the highest level of paranoia right that that’s the thing I’m basically but when you talk about like.Paperbackups like Keys keywords and stuff like this you should have it on paper yes of course but not stored in just one place you do a handful of photocopies and spread it between different locations because if your house burns downyour money is also gone rightabsolutely and it also depends on the amount of money so let’s say in the moment can we let us imagine your mask and in this case I don’t know.You have did this to me.Two billion or are one and a half billion that to invest in cryptocurrency no imagine he has a seed in his pockets I mean I don’t think so I would recommend you the case to probablyeven considered custom solution there are service providerwhere it might become worth actually I think over the seeds I don’t know to a specialized company but but yeah it’s.It’s a nice challenge.

[8:28] Obviously for small investors the one of the most appropriate way is to start the vast majority of funds for example like like we just said.Well paper and then maybe if they want to have some liquidity because they want to use it for.Whatever reason they might consider putting part of it and in Wallace that they can carry onlike simple like I’ll be following a custody solution or another other wallet.I see just to stay a little bit on the fancy side what you would you recommend for Elon Musk how he stores his cryptocurrencies because first.I would say he should split it up in multiple accounts and keep them safe in different ways and in different places would that be a good approach.I mean I will goal also little bit for their for that amount of money but yes that will definitely be a good approach.

[9:26] He’s put it would be a good idea I see see see what you guys are at bitwala doing to keep your client safe can you actually keep.Your crypto currencies with bitwala or do you have like a trusted partner who actually does this.So let’s say I will still do what we are unfilled today is actually one of the reason why I can’t bitwala interesting given before I joined is that the current product that we provide areno custodian so that means that in the case of the Bitcoin wallet is a it’s a multi signature wallet.Which means that big follow technically is not able to move funds for the customerso the customer olds was the key to their assets and for the thing on wallet we also managed toto use the non-custodial approach without multi signature wallet so in this specific case we’re using.

[10:27] What is called the secure Enclave or a strongbox that if you have an iPhone or an Android they are special component special order chips that are shipped with every Androidof the latest generation on every iOS and we actually initialize the keys that are used to protect the wallet directly into the hardwareso that means that basically they cannot be extracted by an attacker they cannot be extracted by not even bywhat this called child breaking the phone or becoming root on the Android phone because you actually need to perform much more advanced operation and yet so it is considered to be quite secureit really works good I would say yeah and so that’s how we manage this school entry.I see and do you have some other chips right now somebody out therelooking to do some cryptocurrencies yeah they know all the fancy stuff that yada yada yada they should get a physical device.Get it very secure half paper bag apps store them in different places different safes different worlds and never tell anybody.About it it is that like the bottom line we talking about for a small amount below 100 million euros.

[11:55] Not really I think.

[11:59] II wouldn’t even do that for that small amount so this is let’s say that.Yeah I mean I need to be honest so that if I if I wanted to serve 1,000or one or two thousand more Euro world I will just keep it either let’s say on a on a bullet even on a custodial oneumand then decide for you to move it only in case of let’s say the relative price of Bitcoin becomes so high that you know that somebody might actually be interesting to get in that so the the question insecurity it’s always what is the threat.So you let’s say you have 1,000 urine in the pocket instead actually a Potential Threat that might cause you to lose this this amount of moneyand a private person in Germany that let’s say you open some an account on an exchange or on bitwala for my opinion for an amount of a few thousand Euro probably it’s not really at risk of somebodyyou know trying to get into into his custodial and noncustodial wallet if the amount of money becomes higher and the lifestyle start changing them probablyum yeah.

[13:24] Probably I will consider a noncustodial solution only or paper wallet or like we said that paranoid scenario we had before but for small amount I absolutely do recommend it on Iranon the wrist position so if you let’s say start investing 200 euro tomorrow and telling all your friends hey I bought 200 units heliumand after a while you might expect this 200 euro to be worthand this people or this may be on the speed or let’s say people that are not actually I’ll just be saying German become torsopeople going to this yes acquainted my you know my tell to somebody else and someone else whatmight actually Target you yeah but it’s a it’s a very unlikely scenario I meanI know very few cases where this happened and yeah so the you know that is basically all with different between between the paranoid use case and the actual possibility that this might appeal to you.

[14:29] At least since my interview with a with a munich-based set up kangini who actually provides those custody solutions for other people I know you’re always on the safe sideif you’re in cryptocurrencies at least a little bit paranoid.Yes you have to be I mean honestly I recommend always to be a little bit paranoideven outside of the cryptocurrency for example when it’s up to personal data with say you know when you’re opening accounts on the internet and you’re sharing informationabout you this might also involve your financial profile or information about whether or not you’re training with cryptothe potency so then didn’t you know this company might then resell this information and that it’s it’s always good to be a little bit paranoid.I see that is really good to know thank you very muchfor those tips for everybody who would like to learn more down here in the show notes there will be a link to the bitwala block and I do Tsum you guys also do have some tips on hands there right.

[15:37] Yes we do provide information about for example how to customers can protect from fishing.Or a customer can protect from certain type of fraud that we see in the industry I think we are going to publish a new blog entry this week which is related to scream or screen sharing fruitwhich is opening also outside of the crypto industry and especially since Corona and Covey time started so yeah we try tokeep people informed also on our blog that’s very good actually talking about custodians we’ve always used the term custodians for everybody who’s inliving in an English-speaking country usually they know a custodian as some adult taking care of a child but actually that’s not the case when we talk about custodianwe talked about likeway back in the chime when there were big Banks and they had big vaults and in those worlds you start paper Securities and they’ve been the custodians of your securities and coming from this they’re also crypto custodians.

[16:44] Also tend to have big votes but actually the cybersecurity is much more important you can of course learn more down here in the show notesas well as the bitwala block Alessandro we choose a pleasure having you here for like a very short segment.Thank you very much and hope to see you soon with some more paranoid tips in the future.

[17:09] Thank you it was nice as well thank you my pleasure bye-bye.

[17:14] By seeing if you are a professional looking at the European startup scene Germany is a place you cannot miss.

[17:22] Music.

[17:32] Is each week most likely you have never heard or read anything only startups before in English but you will in the future be ahead of the curve And subscribe to start up rad dot dot.

[17:44] Music.