New iPhone Crypto Users, Listen Up: Top Security And Upgrade Tips For All Investors
This past week, Apple unveiled its new lineup of iPhones, including the iPhone XS, iPhone XS Max, and the iPhone XR. The phones are now available for pre-order starting at $749, with shipments scheduled to begin on September 21.
Whether you bought the new iPhone or you’re upgrading to another new phone, switching phones can mean changing various cryptocurrency apps and crypto accounts.
Today, we’re explaining how you can make sure your crypto accounts are secure when upgrading to a new phone.
Enable Two Factor Authentication
This one’s obvious. When switching to a new phone, make sure two factor authentication is enabled on your crypto accounts and other online profiles.
Remember: hackers don’t usually try to directly attack your crypto accounts; instead, they try to gain access to things like your email inbox.
By enabling two factor authentication before you move phones, you can get an extra layer of protection between you and losing your funds.
Most crypto exchanges and online services offer two factor authentication (2FA). Take advantage of it.
Consider Using A Device As Your Second Factor Instead Of Your Phone Number Or Email
You may have heard controversy over two factor authentication over the past year. Some security experts no longer recommend two factor authentication. Why is that?
The reason phone-based 2FA is no longer totally secure is simple: it’s now possible for a hacker to “steal” your phone number. There have been a number of instances of cryptocurrency users losing their entire holdings because of phone number hijacking.
One hacker was able to steal $5 million from a conference attendee through a so-called SIM card hijacking attack.
These attacks rely more on social engineering than technical hacking. The attacker will call your mobile carrier and pretend to be you. That attacker will claim that “you” purchased a new phone and need to migrate your number to the new device and the new SIM card. If the attacker convinces the carrier, then your phone number now belongs to the hacker.
This is a problem for two factor authentication: if you use 2FA, then online accounts might send verification requests to your phone number. If your phone number is compromised, then your account might be compromised too.
There’s one easy way to avoid all of these problems: use your device as the second factor – not your phone number or email.
Services like Google Authenticator, for example, let you verify requests on your mobile device. That means in order to access your crypto accounts, you need two things:
- Something you know (your password)
- Something you have (your phone with the authentication app)
If you have these two things, then you can gain access to your crypto account. It’s the best type of two factor authentication.
Treat Your Mobile Wallet Like A Checking Account
If you have a mobile crypto wallet on your phone, then that’s great! There are plenty of great crypto wallet apps available for iPhone and Android. Popular iOS crypto wallet apps like Coinomi and Jaxx will work on the new iPhones.
Generally speaking, crypto security experts recommend using your mobile crypto wallet like a checking account while depending on a hardware wallet as your “savings” or main account. You can keep funds for daily spending in your mobile wallet while keeping most of your funds safe in a hardware wallet.
Create A Google Voice Account Linked To A Different Email
Up above, we mentioned that using a phone number as your recovery option isn’t always a great idea due to SIM card hijacking.
Forbes, however, came up with a nifty way to get around this issue: make a Google Voice account linked to a different email.
“Creating a Google Voice phone number is a good digital security tip for all globetrotters, but even more important when you are traveling with crypto. You should use this phone number for everything as your cell number or landline are more easily traceable and linked to your identity.”
Turn Off Automatic Updates On Crypto Apps
Generally speaking, it’s a good idea to automatically update your apps. Updates fix bugs and patch security exploits.
In the crypto world, however, some security experts recommend disabling automatic updates on crypto apps.
Many crypto apps are made by independent developers or small development teams. They’re not backed by the same layers of checks and balances as, say, Facebook or Twitter’s mobile apps.
That means bugs can slip into a new crypto app update. A bug in a mobile crypto wallet could cause you to lose all your funds due to an undiscovered exploit.
Consider disabling automatic updates on your crypto apps.
Whether you bought the new iPhone XS, iPhone XS Max, or iPhone XR or you’re upgrading to a new Android, it’s never been more important to practice smart crypto phone security.