Crypto Exchanges Face Stringent Regulations

Oct 25, 2021

Cryptocurrency has been lauded for its many innovative benefits: its confidentiality, security, and flexibility. Unfortunately, things may have taken a turn for the worse as this digital currency faced one of its biggest challenges. A total of $300 million was embezzled from cryptocurrency accounts in 2020. Most of these scams were made up of phone number hijacking, fake crypto exchanges, and phishing schemes. 

As if cryptocurrency has not been scrutinized enough for the lack of regulation, it has now come under fire, bringing them under more surveillance by regulators.

Scams On The Rise

According to the Federal Trade Commission, almost 7,000 people lost over $80 million from October 2020 to March 2021. This was a staggering 1,000% increase from the year prior. 

Some of these scams involved phony “investment” websites and fake currency exchanges selling cryptocurrency. Scammers also took advantage of Dogecoin promoter Elon Musk’s appearance on Saturday Night Live. In the time leading up to his appearance, fake campaigns and giveaways were launched, using his likeness and compromised social media accounts. The imposters carried out a massive cleanup with more than $10 million stolen in numerous cryptocurrencies. 

By the end of 2020, theft in cryptocurrency amounted to roughly over $10 million per day.

Despite the freedom that cryptocurrencies offer, the fact remains that you cannot protect your accounts from theft. In the conventional banking industry, the Federal Deposit Insurance Corporation has your back and is there to cover you should you have any losses on your account. No such security net exists with cryptocurrency. If you were to have your funds stolen, there is nothing that can be done. 

The Gaping Holes Of Knowledge-Based Authentication (KBA)

In order to increase security and protect these assets, there must be an “enabling of secure access” for these cryptocurrency assets. 

The current setup involves using passwords and knowledge-based authentication or (KBA). The problem with this method is that passwords can be easily compromised. Theft and phishing attacks are the most used tactics. Also, if there is a cryptocurrency wallet that is not used as often, you run the risk of not only forgetting your password but also recovering it. Provided that there is a method of recovery. 

KBA is also problematic as one can easily forget the answers to those questions prompted at the beginning (what’s your favorite hobby?). Personal information such as your mother’s maiden name can also be easily accessed on the web by paying a small fee. 

Account takeovers are also on the rise for cryptocurrency. What doesn’t help is that there are no “pre-established trust relationships” between the exchange or the wallet provider and the user. Another disadvantage, which was once a selling point, was that transactions were finalized in a matter of minutes and irreversible.  

Authentication Best Practices Is The Answer

So what is the best way to tackle this onslaught of fraud? It is best to use a “standards-based user authentication”. One that has a demonstrated track record of warding off both phishing and account takeovers. 

An authentication protocol called FIDO (Fast IDentity Online) was also developed in order to ensure all cryptographic credentials were already stored in a user’s device to prevent “machine-in-the-middle-attacks.” Ideally, the entire cryptocurrency industry would adopt the FIDO approach to modernize authentication. 

More best practices worth considering include:

  • Require users to use “multiple authenticators” to assist with account recovery for each cryptocurrency exchange
  • Normalize authentication flows and practices across crypto exchanges.
  • Remove less secure backup and recovery options, such as using SMS

In Closing

The cryptocurrency market continues to grow as it becomes more mainstream and its adoption increases. However, in order for this to continue, cryptocurrency exchanges must comply with regulations and must work equally hard to protect their users from fraud. Exchanges also have to strike a careful balance between anonymity and privacy.

 

Let us help you get a high risk merchant account today!

Get Started

Award winning.

  • 2012
  • 2013
  • 2014
  • 2015
  • 2016

Having a merchant account allows an account holder to take advantage of merchant cash advances. When a merchant is approved for an advance, the business agrees to receive a lump sum of cash in exchange for an agreed-upon percentage of future credit card sales.

Pricing varies depending on the merchant’s industry, past credit card processing history, the type of business seeking the account, average ticket sales, and average transaction volumes.

Yes, EMB works with merchants who are building their credit, as well as those who have poor credit. EMB also approves merchants that have no credit card processing history and businesses that have lost their merchant accounts due to high chargebacks.

Several factors influence a merchant’s risk level. Though only one factor likely will not get a merchant classified as high risk, a combination of these may: business size, location, and industry, credit score, credit card processing history, a industry’s reputation for excessive chargebacks, a prior history of high chargeback ratios, and whether a merchant exclusively sells online.

Virtual terminals are stationed on a merchant’s website, making it easy for customers to make a payment or purchase online. Merchants or a payment processor can easily set up virtual terminals, so online businesses can accept credit and debit card and e-check transactions.

A merchant account is a business account with an acquiring bank. Without this business account, which actually works more like a line of credit, a merchant cannot accept and process credit and debit card transactions. Businesses need a merchant account to accept major credit cards via a static point-of-sale terminal, mobile card reader, or through a virtual payment gateway.

After filling out EMB’s simple online application and submitting any necessary, requested documents, many merchants get approved within 24 and 48 hours.

EMB specializes in working with high-risk merchants. EMB works with many merchants, including but not limited to businesses in these industries: gambling and gaming, adult entertainment, nutraceuticals, vaping and e-cigarettes, electronics, tech support, travel, high-end furniture, weight loss programs, calling cards, e-books and software, and telecommunications.