It has been a busy month for Bitcoin. The first UK Bitcoin exchange, Coinfloor, opened its doors in London, the first Bitcoin ATM opened in a Canadian coffee shop and, most recently, a US Senate hearing explored the “promises and risks” of Bitcoin for “government and society at large”.As a result, the value of virtual currency has more than trebled in value since October, soaring to over $1,000. There is no doubt that Bitcoins pose an attractive option to small businesses. The virtual currency is not regulated by any bank or country and this can bring a host of benefits. Namely, credit card processing fees are reduced, with Bitcoin services typically charging just one per cent and the currency also makes it easier for small businesses to expand and sell online internationally by eliminating the commission paid to electronic money platforms Paypal on transactions. Additionally, the ability to easily and quickly complete transactions over smartphones offers added flexibility for small businesses. However the very decentralised and unregulated model that makes the service attractive is what makes Bitcoin a potential minefield for government, businesses and customers alike. Following the US and German governments, UK policy makers and Bitcoin dealers recently concluded that the government should introduce regulation for the digital currency. So just why is Bitcoin so controversial – and should SMEs ultimately see it as a friend or a foe?
Here to stayBitcoin has slowly become a synonym for virtual currencies, and is accessible from anywhere in the world, with a simple sign-up procedure for many exchanges. To receive or send coins, people need just a receiving or a sending address – all very user-friendly and straightforward. For small businesses this simplicity in structure and process is a particularly attractive proposition. Aside from the obvious cost-efficiencies of using a currency that has lower processing costs there are also specific demographics that using Bitcoin would entice. According to Quantcast, “Bitcoiners do, however, skew young. More significantly, they tend to be very male…[and are] slightly wealthier than the average population”. However, it is not just the “young and trendy” business managers that look to harness the potential of Bitcoin; the currency has now been adopted by a variety of ‘traditional’ small businesses in the UK, including a charity, an accountancy firm, a cab company and – perhaps surprisingly – a number of pubs. For bar staff and punters alike the system is quick and effective to use. Instead of paying with traditional currency the customer is presented with a QR code which is scanned via a Bitcoin app, and payment is made faster than a card. While all this certainly sounds promising, previous attempts to achieve mainstream adoption of virtual currencies (outside of traditional loyalty schemes) have failed to work. Also, just as businesses are starting to cash in on virtual currency, so are cybercriminals. Bitcoin’s (once promising) predecessor Liberty Reserve was famously shut down after it emerged that the service was used to launder $6bn – the largest international money laundering prosecution to date. However, Liberty Reserve is not the only virtual currency that has been used by criminals, and since its incorporation many more services have proliferated. According to the US Department of Justice, “digital currencies provide an ideal money-laundering instrument because they facilitate international payments without the transmittal services of traditional financial institutions.”
Not all that glitters is goldFor the would-be cybercriminal there are very specific benefits that make virtual currencies more attractive than traditional money schemes. Just this month, The National Crime Agency (NCA) issued an alert warning of a ransomware email scam demanding Bitcoin payments. The greatest advantages of Bitcoin – its ease of use, instantaneous delivery, accessibility and anonymity – are also its greatest vulnerabilities. A recent McAfee whitepaper revealed the accessibility of tools and services that support cybercrime, and the report clearly shows such services rely on the ability of the customer to pay using currencies perceived to be anonymous. Another major security weak point is that Bitcoin is built on an unregulated and ‘invented’ concept. The FBI noted that the currency is providing an alarming haven for money laundering while cybercriminals are using it as a tool to rip off fellow Bitcoin users. While transactions are published online, the only information that identifies a Bitcoin user is a Bitcoin address – making the transaction (pseudo) anonymous. This is why law enforcement agencies are struggling to identify suspicious users and obtain transaction records. Bitcoin also allows cybercriminals to implement Bitcoin “miners” on high-traffic sites. Most Bitcoin mining malware arrives on victims’ computers via malicious downloads or through social media. These miners use special software that forces the infected system to produce Bitcoins for the cybercriminals’ use – eating up most of the victim’s processing power in the process.
Playing safelyRegardless of the level of scrutiny by regulators and law enforcement, criminals will continue to migrate activities to alternate platforms following user trends. Simply shutting down the leading platform will not solve the problem as the Liberty Reserve case has shown. Bitcoin is going strong and may well be here for the long term, and the manner in which it is designed will make its shutdown difficult-impossible. To ensure the platform provides a secure service for both businesses and customers global law enforcement is collaborating in its efforts both internationally and with the private sector to identify, seize, and arrest those individuals operating such platforms. Despite the apparent security challenges posed through Bitcoin, opportunities also abound for legitimate small business uses. Ignoring this market opportunity is likely to cost legitimate SMEs significant revenue, but failure to address the potential risks may cost a lot more. Here are some tips with help from Bitcoin.org to help ensure your business is trading safely online:
Treat your Bitcoin wallet, like your physical walletYou wouldn’t keep a thousand pounds stashed in your personal wallet or purse would you? In general, it is a good practice to keep only small amounts of bitcoins on your computer, mobile, or server for everyday uses and to keep the remaining part of your funds in a safer, highly protected environment.
Be careful with online servicesOnline wallets and exchanges look like online banks. However – you should remember they are not and that these services don’t provide enough insurance and security to store your money like a bank. Use security features like two-factor authentication to help increase the security of your accounts.
Back-up your walletStored in a safe place, a back-up of your wallet can protect you against computer failures and human mistakes. It can also allow you to recover your wallet after your mobile or computer is stolen and your wallet is encrypted.
Encrypt your walletEncrypting your wallet or your smartphone allows you to set a password for anyone trying to withdraw any funds. This helps protect against thieves, though it cannot protect against keylogging hardware or software.
Offline wallet for savingsAn offline wallet, also known as cold storage, provides the highest level of security for savings. It involves storing a wallet in a secured place that is not connected to the network. When done properly, it can offer a very good protection against computer vulnerabilities. Using an offline wallet in conjunction with backups and encryption is also a good practice.
Keep your software up to dateUsing the latest version of your Bitcoin software allows you to receive important stability and security fixes. Installing updates for all other software on your computer or mobile is also important to keep your wallet environment safer.
Multi-signature to protect against theftBitcoin includes a multi-signature feature that allows a transaction to require the signature of more than one private key to be spent. It is currently only usable for technical users but a greater availability for this feature can be expected in the future. Raj Samani is the EMEA CTO of McAfee. Image source
Share this story