TokenInsight Report on Exchange Security: 80% of the Users See Huobi as the No.1 Safe Exchange

    2019/07/30 01:16 Maggie Li huang Created with Sketch.
    6568

On July 29th, TokenInsight, a third party rating agency published the Exchange Security Report (hereinafter the “Report”). The Report shows that between 2014 and the first half of 2019, the stolen digital assets of the global exchanges reaches at least USD1.6 billion, including at least USD200 million stolen in the first half of 2019 alone. the amount of assets stolen is closely related to the market trend with the highest amounts of assets stolen generally seen at the end of the bull market.

TokenInsight conducted a security rating of 40 exchanges by means of questionnaire survey and technical analysis.

The survey results show that among the users of exchanges in Chinese, 80% of users see Huobi as safe, 72% of users see Binance as safe, 33% of users see Gate as safe and only 6% of users see OKEx as safe.

In technical analysis, TokenInsight rated exchange security from 3 dimensions: network security, risk response mechanism and account & storage settings and performed a penetration test of the exchanges with special testing tools to identify the safety vulnerabilities in the exchanges by emulating the attacks.

According to the analysis results, only Huobi, Coinsuper, Binance and Gemini among the 40 exchanges received the highest A rating with Huobi topping the list.


e2oZ3GHi8SS7472mcTGjdRA9oAze1cnSMnXQYKb6.png

The exchange safety pattern in the eyes of the users resembles the competition pattern in the industry

The Report points out that Bitcoin is gaining popularity among the users, who have begun to pay heed to exchange security.

After analysis of 203 valid questionnaires, TokenInsight finds that the users believe that Huobi and Binance stand far above the industry’s average level in terms of safety and there is no significant difference among other exchanges in this regard. The exchange safety pattern in the eyes of the users resembles very much the industry’s competition pattern, where the top platforms stay far ahead of other exchanges.

According to information on the use of the exchanges by the users, Huobi and Binance also have the highest user satisfaction. 80% of theusers see Huobi as safe, 72% of the users see Binance as safe, 33% of the users see Gate as safe and 6% of the users see OKEx as safe, indicating that the users would use exchanges that  are safe in their eyes.

Moreover, the survey results indicate that the users are mostly concerned about such safety topics as whether the wallets of the exchanges are safe, whether there are risk response mechanisms following the occurrence of safety accidents and whether there are safety vulnerabilities on the website of the exchanges.  And, in terms of tolerance, the higher the age, the less willing to trade on exchanges with records of coins stolen.

Z8dI1ijVklSUdi6W4fAyVXKfgBLgOPzT1re4W4Tn.png

90% of the assets of Huobi and Coinbase are stored in cold wallets

In technical analysis, TokenInsight rated exchange security from 3 dimensions: network security, risk response mechanism and account & storage settings and performed a penetration test of the exchanges with special testing tools to identify the safety vulnerabilities in the exchanges by emulating the attacks.

In terms of network security, TokenInsight used special testing tools to perform securityty scanning and penetration test of data safety/privacy compliance and SSL certificate. The results show that 6 out of the 40 exchanges have different degrees of high risk vulnerabilities and 16 have medium risk vulnerabilities, accounting for 15% and 40% of the total respectively. Only Huobi and Digifinex received the highest A rating.

In the risk response mechanism, the core concern of the users is asset safety and the users are mostly concerned about whether the response mechanism of the exchanges is transparent or not following the occurrence of safety accidents. Only 8 of the 40 exchanges have a clear compensation mechanism.  The strategy adopted by Binance and Huobi is to use the trading fee as the risk fund while Coinbase and Bitflyer work together with the traditional insurance companies to provide compensation.

Moreover, since 2018, more and more exchanges have entered into cooperation with the third party security service providers to enhance their own safety capabilities. Presently, the third party security service providers provide services such as safety protection and smart contract audit of the listed projects. As of June 2019, half of the 40 exchanges have entered into cooperation with the third party security service providers with Huobi cooperating with the most security service providers including 360, Slowmist, KnowSec and JohnWick Lab.

In account and storage settings, the exchanges use the cold/hot wallet separation mechanism for storage of funds. The cold wallet refers to the offline wallet, which is not connected to the network in real-time and is more secure. The hot wallet refers to the online wallet, which is more accessible to the hackers. The results show that 28% of the 40 exchanges have not adopted the cold wallet for storing funds. In contrast, more than 90% of the assets of Huobi and the US-based Coinbase are stored in the cold wallet.


    Adapted from: TokenInsight Author: TokenInsight Executive editor: 李萍萍
声明:本文由入驻金色财经的作者撰写,观点仅代表作者本人,绝不代表金色财经赞同其观点或证实其描述。
    News ranking
Not found
Feed
back
TOP

Copyright © Cointime Copyright notice

https://t.me/cointimeus