Coinbase Custody Obtains Two Major Security Evaluations

Published at: Feb. 13, 2020

The crypto custody arm of major United States-based cryptocurrency exchange Coinbase, Coinbase Custody, obtained two new security evaluations.

According to a press release published on Feb. 12, Coinbase Custody was granted a Service Organization Control (SOC) 1 Type 2 and a SOC 2 Type 2 report by major accounting firm Grant Thornton.

System Organization Control reports

In obtaining the reports, Coinbase Custody is able to prove to clients that they are compliant with a variety of security and reporting standards.

According to Grant Thornton’s website, SOC reports are meant to provide information on “the existence and strength of financial, operational and information security controls in an organization.” An SOC 1 report provides information on the internal controls relevant to a user organization’s financial reporting. In other words, “SOC 1 reports are intended to be auditor to auditor communications.”

SOC 2 reports, on the other hand, provide information on “security, availability, processing integrity, confidentiality and privacy.” Both SOC 1 and SOC 2 reports are divided into Type 1 and Type 2. A Type 1 report describes the design of the controls, while a Type 2 report also covers their effectiveness after a minimum testing period of six months.

Coinbase Custody also states that it will renew the reports in the future. The announcement follows late January reports that Coinbase has established an entity in Ireland to expand its crypto custody services to European institutions.

Other cryptocurrency services have also sought out SOC certificates. As Cointelegraph reported in late January, U.S.-based crypto exchange and custodian Gemini has completed a SOC 2 Type 2 evaluation through global professional services firm Deloitte. 

The purpose of cryptocurrency custody

While one of the biggest advantages of crypto assets is the ability to independently custody them, financial markets and institutional investors need a heightened security standard that can hardly be achieved with self-custody. Blockchain Zoo researcher Rohan Barde Hai explained in late September 2019 why custody solutions are important to institutional investors in a Cointelegraph opinion piece.

The maturing cryptocurrency market is also apparently bringing traditional institutions onboard. On the heels of new Anti-Money Laundering laws, 40 German banks requested the regulators’ go-ahead to offer digital asset custody services.

Tags
Business
Cryptocurrency Exchange
Coinbase
Cybersecurity
Security
Related Posts
Hackers exploit MFA flaw to steal from 6,000 Coinbase customers — Report
Cryptocurrency exchange Coinbase has reportedly suffered another security breach after attackers were able to bypass the company’s multi-factor authentication, or MFA, feature in a coordinated campaign earlier this year. The attackers stole cryptocurrency from 6,000 accounts, though the monetary value of the theft wasn’t disclosed, according to a report from Bleeping Computer. Earlier this week, Coinbase reportedly notified affected customers that the theft occurred between March and May. To gain access to the accounts, the attackers must have known the affected users’ email address, password and phone number. It’s not clear how the attackers obtained this information, though phishing scams …
Business / Oct. 1, 2021
Hotbit crypto exchange shuts down for maintenance after attempted hack
Cryptocurrency exchange platform Hotbit has shut down all of its services after an attempted cyberattack on Thursday. “Hotbit just suffered a serious cyber-attack starting around 08:00 PM UTC, April 29, 2021, which led to the paralyzation of a number of some basic services,” a notice on the platform’s website reads. The hackers were reportedly unsuccessful in gaining access to Hotbit’s wallets but did manage to compromise the platform’s user database. Thus, the Hotbit team has advised customers to disregard any communication from entities claiming to be representatives of the exchange. With all normal operations currently paused during the ongoing maintenance, …
Business / April 30, 2021
DAO Behind DAI Stablecoin MakerDAO Announces Critical Vulnerability in Voting Contract
MakerDAO, the Decentralized Autonomous Organization (DAO) behind the DAI stablecoin, announced a critical security update to its governance contract in a Reddit thread published on May 6. Per the announcement, during the second round of security audits part of the DAO’s partnership with crypto exchange Coinbase and smart contract security startup Zeppelin, a critical vulnerability had been discovered in the governance smart contract. Zeppelin also released an independent critical vulnerability notice. While the announcement claims that the tokens of users who have staked MKR tokens in the contract are not in danger, it also advises users to move them. Still, …
Altcoin / May 7, 2019
Coinbase will establish presence in Israel through purchase of Unbound Security
Cryptocurrency exchange Coinbase will acquire cryptographic security company Unbound Security in a move that will also have the U.S. company launch a research facility in Israel. In a Tuesday blog post, Coinbase said it would be purchasing Unbound to gain access to its cryptographic security experts as well as establish a presence in Israel. The exchange cited Unbound’s work in multi-party computation to provide users with the “virtually impenetrable nature of cold, offline storage, with the frictionless convenience of hot, online wallets.” “We’ve long recognized Israel as a hot bed of strong technology and cryptography talent, and are excited to …
Business / Nov. 30, 2021
Coinbase CEO reiterates that 'staking' products aren't securities
Coinbase CEO Brian Armstrong has attempted to quell speculation that his exchange’s staking products should be classified as securities — upping the ante in the ongoing debate around crypto regulations with the United States Securities and Exchange Commission, or SEC. In a televised interview with Bloomberg on March 1, Armstrong said, “Our staking product is not a security,” referring to cryptocurrencies that can be staked directly on the exchange to generate yields. He continued: “Customers never turn their assets to Coinbase for instance. And we really just are providing a service that passes through those coins to help them participate …
Sec / March 1, 2023