International cybersecurity solutions provider Group-IB has come up with a scoring model to grade crypto exchanges based on their level of security.
The scoring model was created by Group-IB in conjunction with Swiss-based Cryptolns (which is operated by Swiss insurance broker APIS AS), and the grading is intrinsic to CryptoIns’ new cryptocurrency exchange insurance, which will allow exchange users to cover up to 15 BTC worth of digital assets held in their exchange accounts. With the scoring model’s data, CryptoIns has calculated rates for their coverage depending on an exchange’s level of security and asset-protection measures.
This insurance will be available for assets held on leading exchanges like Binance, OKEx, Kraken and Huobi, while a full list can be found on CryptoIns’ website.
“Currently, approximately 3,600,000 BTC are stored in user accounts on cryptocurrency exchanges, making this market highly attractive for hackers,” Timofey Volkov, CEO of CryptoIns, explained.
Per a recent Forbes article, crypto exchanges are attractive to hackers due to their design: They have a centralized single point of failure, making them prone to the same problems faced by millions of web applications globally. This is where the assessment from Group-IB gets interesting for the investor.
The grading from Group-IB took the exchanges’ architecture and infrastructure into consideration to better understand the mechanisms used in countering potential threats.
While developing the framework for its insurance policy, Cryptolns revealed that it assessed a number of exchanges using various parameters, including “the level of technical security [and] the reliability of key storage, password, and personal data of customers provided by each exchange.”
Explaining the challenges faced by insurers in the crypto industry, Volkov stated that:
“Collaboration with one of the leading international cybersecurity companies will help us organize and conduct pre-insurance evaluations of the exchanges in order to assess their security, as well as the potential for fraudulent activities on the part of the founders and management.”
Risk Groups
The scoring by CryptoIns also sorted exchanges into four risk groups based on aggregated information which includes "assessment of traded volume, traders’ activity, internal fees and other characteristics." Exchanges categorized in the first group were graded as being the least vulnerable, second and third were "rated satisfactory and low in security risk," while those in the fourth group were deemed to be overly risky, with the company saying it won't provide insurance for such exchanges.
Base insurance rates are put at 2.5 percent per quarter. Each of the groups was entitled to different discounts with the maximum being a 50 percent discount, the report states.
According to CryptoIns' insurance calculator on its website, U.S.-based cryptocurrency exchange Kraken ranks as the safest digital asset platform with a lower cost of insuring assets. It costs users 0.0125 BTC for every 1 BTC stored on Kraken at a 1.25 percent insurance rate. The same 1 BTC will be insured on Binance and Bibox for 0.019 BTC and 0.025 BTC, respectively.
Falling under the overly risky group were exchanges like Yobit which emerged as the least secure. Other less-secure exchanges, according to the list, were Zaif, Bitstamp, Bit-Z and TopBTC.
Cyber threats on crypto exchanges have become a recurring event. In September 2018, Japanese digital assets platform Zaif reportedly lost $59 million due to a security breach on its system. Bithumb, CoinGrail and BitGrail all lost $30 million, $40 million and $195 million, respectively, earlier in the year.