Advices to secure your wallet

Protecting your funds is our priority. GOin puts security at the heart of all its services.

GOin has a comprehensive security and confidentiality program compliant with ISO 27002:2022 to ensure the protection of your funds and data in accordance with several regulatory and industry standards. GOin has been audited by independent PASSI-accredited third-party auditors. Our compliance support are made available for our clients and partners.

Crypto assets are stored in wallets. You can either manage your own wallets or use a service provider like GOin.

Risks

The crypto assets in your wallets are exposed to various risks, the main ones being:

Phishing attacks

Hackers can send emails, SMS or messages on social networks that appear to come from a legitimate source, such as a crypto asset exchange platform or a wallet service provider. These messages encourage users to click on a malicious link or provide their login information.
Brute force attacks

Hackers can try to guess your password or passphrase using brute force software. This is especially risky if you use a weak or easy-to-guess password.
Keylogger attacks

A keylogger is a type of malware that records all the keystrokes you type on your keyboard. This can include your passwords, passphrases, and other sensitive information.
Code injection attacks

Hackers can inject malicious code into a website or application that you use to access your wallet. This code can allow them to steal your funds or take control of your wallet.
Software vulnerability attacks

Wallet software may contain vulnerabilities that can be exploited by hackers. It is important to keep your wallet software up to date with the latest security patches.
Human errors

Human errors, such as losing your passphrase or sending funds to the wrong address, can also lead to the loss of your funds.

Advices

Choose secure wallets for your personal management
- Hardware wallets. Store your private keys offline, making them inaccessible to hackers. They are recommended for long-term storage of your crypto assets or if their value is significant. The most well-known are Ledger* and Trezor*.
- Paper wallets. Print your private keys on paper and keep them in a secure place, such as a safe. If a malicious person recovers this paper wallet, they will have instant access to your crypto assets.
- Software wallets. Choose a reputable wallet with advanced security features. When the value of your crypto assets is significant, we recommend using this type of wallet only in addition to a hardware wallet to store the crypto assets needed for your daily transactions. The most well-known are Metamask* and Trust Wallet*.
Use a strong and unique password

Your password should be at least 16 characters long and a combination of uppercase and lowercase letters, numbers, and symbols. Do not use the same password for other online accounts.
Enable two-factor authentication (2FA)

2FA adds an extra layer of security by requiring you to provide an additional code besides your password when logging in.
Be careful with links and websites

Never click on a link in an unsolicited email or message, even if it appears to come from a legitimate source. Always check the URL of the website before entering your information.
Keep your software up to date

Install the latest security patches as soon as they are available.
Back up your passphrase

Your passphrase is the key to your wallet. It is important to store it in a safe and offline place. Never share it with anyone.
Be aware of scams

There are many scams related to crypto assets. Be wary of offers that seem too good to be true (e.g. a message offering to multiply your crypto assets by sending them to a specific wallet).
Diversify

Do not put all your crypto assets in the same wallet. This limits the impact in case of theft or loss of one of your wallets.
Engage a qualified service provider

You can delegate the custody of your crypto assets to a service provider like GOin, which, as part of its custody services, implements a set of procedures and policies to manage those risks.

More information:

* The providers mentioned in this document are the most well-known and used at present. However, their solutions have experienced vulnerabilities in the past. GOin recommends that you do your own assessment before using their solutions.