- 1 Features
- 1.1 Buy Bitcoin, Ethereum, Litecoin and Bitcoin Cash with a Credit or Debit Card
- 1.2 Instant Availability of Funds
- 1.3 Mobile Applications for Android and iPhone
- 1.4 Recurring Buys
- 1.5 Great Security
- 1.5.1 98% of Coinbase funds stored offline
- 1.5.2 Coinbase Vault
- 1.5.3 Two-Factor Authentication (2FA)
- 1.5.4 SSL (https) Encryption
- 1.5.5 AES-256 Encryption
- 1.5.6 Password Hashing
- 1.5.7 Strong Password Requirements
- 1.5.8 User Credentials Kept Separate from Code Base and Database
- 1.5.9 Prevention of Cross-Site Request Forgery (CSRF) Attacks
- 1.5.10 Limiting Brute Force Attempts
- 1.5.11 Employee Background Check
- 1.5.12 Employee Security Requirements
- 1.5.13 Coinbase Bug Bounty Program
- 1.6 Coinbase Commerce
- 1.7 GDAX
- 1.8 Developer API
- 1.9 Customer Service
- 1.10 Transfer Limits
- 1.11 Monitoring of User Activity
- 1.12 Users Don’t Control Wallet Private Keys
- 1.13 Arbitrary Closing and Freezing of User Accounts
- 2 Conclusion
Coinbase is widely recognized as one of the world’s leading cryptocurrency exchanges. It is known for its ease of use, and has been featured in leading media outlets, such as The Wall Street Journal, The New York Times, and TIME.
As of March 12, 2018, the exchange and its other associated exchange, GDAX, aimed at power users and traders, are collectively ranked as the #7 cryptocurrency exchange by 24-hour trading volume with an impressive $358 million exchanging hands daily.
Founded in June 2012 and based out of San Francisco, California, Coinbase has over 10 million users worldwide (as of March 12, 2018), is available in 32 countries including Australia, and has traded over $50 billion in cryptocurrency.
In addition, the company is also one of the most well-funded companies in the cryptocurrency space with over $217 million in investor funding from the likes of Andreessen Horowitz, Y Combinator, BBVA, ICE, NYSE, USV, DFJ Growth, Adam Draper and Garry Tan.
However, while Coinbase’s services are available in Australia, Australian users are as yet unable to sell cryptocurrencies like Bitcoin, Ethereum, Litecoin and Bitcoin Cash for fiat currency such as Australian Dollar (AUD) on Coinbase’s platform.
On the other hand, Coinbase does provide a convenient service for Australians who want to purchase cryptocurrencies using their credit or debit card, making the exchange among the most convenient for Australians looking to buy popular cryptocurrencies like Bitcoin, Ethereum, Litecoin and Bitcoin Cash.
Coinbase has a variety of features that make it a great cryptocurrency exchange for Australian cryptocurrency enthusiasts, though it is lacking in some areas.
Buy Bitcoin, Ethereum, Litecoin and Bitcoin Cash with a Credit or Debit Card
As mentioned, Coinbase allows for users to purchase some of the top cryptocurrencies, such as Bitcoin, Ethereum, Litecoin and Bitcoin Cash using their credit card (Mastercard or Visa) or debit card. For many, this is much more convenient than having to do something like a wire transfer.
However, convenience does come at a cost – Coinbase charges Australian users a 3.99% fee for credit and debit card purchases. Nevertheless, the fee definitely isn’t extortionate and is lower than those of similar payment methods used on other exchanges such as Coinmama and Bitpanda, which charge about 6% and 5% respectively depending on what country you’re from.
Instant Availability of Funds
Along with the ability to purchase well-known cryptocurrencies with a credit or debit card, Coinbase makes cryptocurrency purchases immediately available to its users through its “Instant Buy” feature.
Mobile Applications for Android and iPhone
In addition to their website, Coinbase offers mobile applications for Android and iPhone, which offer many of the same services as the Coinbase website such as sending and requesting Bitcoin to and from friends and merchants who accept Bitcoin and accessing Coinbase wallets, vaults and transaction details.
Coinbase users who don’t want to try to “time the market” and instead employ strategies like dollar-cost averaging to protect against volatility or otherwise can just set up Coinbase to buy cryptocurrency at regular intervals. You can set up recurring buys of cryptocurrencies like Bitcoin, Ethereum, Litecoin and Bitcoin Cash in weekly or monthly intervals.
Many cryptocurrency exchanges have been hacked in the past. Some of the more notorious incidents include the hacking of Mt. Gox (about 850,000 Bitcoin valued at around $450 million at the time was stolen – a crippling blow to the cryptocurrency market at the time), the hacking of Bitfinex (about 120,000 Bitcoin valued at around $72 million at the time was stolen), and the hacking of Coincheck earlier this year, which resulted in the loss of about $500 million in NEM cryptocurrency.
While large-scale thefts from cryptocurrency exchanges have happened repeatedly, Coinbase, in its nearly 6-year history, has not been hacked once, giving it an air of legitimacy and trust in the sometimes-untrustworthy cryptocurrency market.
Although Coinbase does not provide security features like Federal Deposit Insurance Corporation (FDIC) insurance for customers’ cryptocurrencies the way that United States banks do for their customer’s funds, Coinbase does take a series of measures that make it one of the most secure cryptocurrency exchanges around:
98% of Coinbase funds stored offline
One of the biggest security flaws of other cryptocurrency exchanges is that a large percentage, if not all, of their funds are stored online.
By storing customer funds offline, Coinbase protects itself against catastrophic losses from online hacking incidents. Even if Coinbase were hacked, it would only lose a small amount of customer funds that would be much more recoverable than if it were to lose all customer funds at once.
Moreover, Coinbase or its creditors cannot claim the small amount of Coinbase funds stored online if Coinbase were to fail. Instead, the funds would be returned to Coinbase customers.
Coinbase stores customer funds offline in safety deposit boxes and vaults across the globe. First, the company disconnects sensitive customer data from the Internet.
Afterwards, the data is split into parts, encrypted using AES-256 encryption technology, and then copied to paper backups as well as FIPS-140 USB drives. The paper backups and USB drives are then distributed amongst Coinbase’s various safety deposit boxes and vaults scattered around the world.
Coinbase Vault offers an extra layer of security for users who want to store their cryptocurrency funds with Coinbase. Instead of a standard wallet, vaults prevent withdrawal of stored funds without the completion of additional security steps.
For example, users can add email verification by multiple users, which requires that said users approve of a withdrawal before it is completed. Coinbase’s vault services are currently available for use with Bitcoin, Ethereum and Litecoin.
Two-Factor Authentication (2FA)
Coinbase offers two-factor authentication for user accounts. After entering a username and password, users can enter a code they receive from their mobile phone, adding an extra level of security to the account login process.
SSL (https) Encryption
All of Coinbase’s website traffic goes through a secure SSL connection. This connection is visible at the top of one’s Internet browser when the link starts with https and there is a green “secure” icon, both of which indicate that all data, such as sensitive information like credit card numbers, are encrypted as it passes from the user to the website, preventing data snooping by any malicious actors trying to steal confidential user information as it passes through cyberspace.
AES-256 encryption is thought of as the worldwide gold standard for data encryption. Not only does Coinbase use this encryption standard to encrypt offline storage of customer funds, it also uses it to encrypt customers’ cryptocurrency wallets and wallet private keys, which if stolen could be used to access customer funds through another cryptocurrency wallet service.
User passwords stored in Coinbase’s database are hashed using bcrypt with a cost factor of 12. In other words, user passwords are harder to crack for anyone trying to force their way into a Coinbase user account.
Strong Password Requirements
Although some users may find this annoying, Coinbase requires that users choose strong passwords in order to decrease the chances of a hacker figuring out an easy password like 12341234 or something similar.
User Credentials Kept Separate from Code Base and Database
Coinbase keeps its customers’ usernames and passwords separate from the code base and main database, which protects user credentials in the event that either the code base or main database is compromised.
Prevention of Cross-Site Request Forgery (CSRF) Attacks
CSRF attacks are a highly sophisticated kind of attack involving users unknowingly performing unwanted actions that are embedded into a website by a hacker. In other words, instead of being attacked by a hacker from the outside in, CSRF attacks are carried out by changing certain website elements and sending them to unsuspecting users.
For example, hackers could change a link on a page they control and get their victim to open it, resulting in harmful actions such as the downloading of a virus or something similar. Coinbase prevents these kinds of attacks with security measures such as DELETE requests, verification of POST authenticity and SQL injection filters.
Limiting Brute Force Attempts
Coinbase places a limit on actions like attempted user logins to prevent malicious outcomes that can be achieved through repetition.
Employee Background Check
All Coinbase employees undergo a rigorous background check to ensure that no one dangerous joins the Coinbase team.
Employee Security Requirements
Not only do Coinbase employees undergo extensive background checks, they are also required to employ best practices for information security like hard drive encryption, strong password usage, and screen locking for their individual computers.
Coinbase Bug Bounty Program
To top their list of advanced security features, Coinbase has a bug bounty program that pays cybersecurity professionals not associated with Coinbase who are able to find any potential security bugs throughout Coinbase’s ecosystem. As of March 12, 2018, Coinbase has paid $227,531 in bounties to professionals who have been able to find potential security flaws for Coinbase to fix.
However, while Coinbase has top-notch security, if you choose to store your cryptocurrency in the Coinbase wallet, you should know that Coinbase accordingly controls whatever cryptocurrency you secure with them.
Along with Coinbase’s many services for cryptocurrency buyers, merchants who want to accept digital currency payments can use Coinbase Commerce to easily and safely accept payment in Bitcoin, Ethereum, Litecoin and more.
Coinbase Commerce can even integrate with popular website platforms such as Shopify. Coinbase Commerce supports multiple cryptocurrencies (and is always adding more), customization without the need for coding knowledge, and managing payments and monitoring earnings using an intuitive merchant dashboard.
Coinbase is aimed towards users who want ease of use. On the other hand GDAX, another exchange run by Coinbase, is more for experienced currency traders who want things like charting tools, real-time orderbooks, trade history and other advanced features.
GDAX has an application programming interface (API), which is like a Websocket feed that allows users to access real-time cryptocurrency market data as well as a trading API that allows users to develop trading bots.
Furthermore, while GDAX might be more complicated to use for a newbie investor or trader, fees are lower with GDAX offering zero fees on maker trades and taker fees that go as low as 0.1% depending on trading volume.
The caveat to all of this for Australian users is that unlike users from countries like the United States and the United Kingdom, Australian GDAX users cannot trade on GDAX using fiat like AUD but can only trade the following cryptocurrency pairs: Ethereum/Bitcoin and Litecoin/Bitcoin.
While this won’t apply to the majority of Australian Coinbase users, Coinbase also offers an API that allow for the integration of Bitcoin, Ethereum, Litecoin and Bitcoin Cash into new and existing applications. Some capabilities offered by Coinbase’s developer API include the following:
- Buying, selling, sending and receiving Bitcoin, Ethereum, Litecoin and Bitcoin Cash
- Creating wallets for Bitcoin, Ethereum, Litecoin and Bitcoin Cash
- Securely storing Bitcoin, Ethereum, Litecoin and Bitcoin Cash
- Getting both real-time and historical cryptocurrency price data
- Receiving cryptocurrency payment notifications
- Accepting and requesting Bitcoin payments
- Building cryptocurrency applications that haven’t been built before!
Although Coinbase does have an active support team and even goes as far as publishing the names of key customer support staff members on their website, the site has experienced growing pains, with a lack of customer support being one of them.
Not only does Coinbase have over 10 million members, but this huge number is also a recent phenomenon as the site’s popularity has skyrocketed along with the popularity of cryptocurrency like Bitcoin as a whole.
As a result, Coinbase’s customer service has suffered as the site struggles to quickly and efficiently accommodate its large and continuously growing userbase.
User accounts on Coinbase have weekly buy and sell limits that are calculated according to user account information, such as identity verification and successful purchase history, the former of which can turn off some cryptocurrency users who are usually very particular about their privacy.
Monitoring of User Activity
As mentioned, cryptocurrency enthusiasts are also usually big on privacy, with many not wanting governments and banks to know all the details of their financial activities. While Coinbase may be one of the leading cryptocurrency exchanges in terms of ease of use, it isn’t necessarily a leading exchange when it comes to protecting user privacy from the authorities.
For example, the United States’ tax authority, the Internal Revenue Service (IRS), forced Coinbase to turn over customer records of all customers who completed more than $20,000 in transactions through Coinbase in a single year from 2013 to 2015. The data that Coinbase had to turn over included dates of birth, names, addresses, taxpayer IDs and transaction records.
Although that particular court order doesn’t affect Australians, it does set a dangerous precedent that may affect Australian users in the future as it shows that Coinbase clearly monitors user activity otherwise it wouldn’t be able to provide such detailed information to the US tax authorities about its US users.
Users Don’t Control Wallet Private Keys
As mentioned, a cryptocurrency wallet’s private keys can be used to access the wallet’s funds from another source. Coinbase controls all wallet private keys. In essence, Coinbase acts more like a bank than a true cryptocurrency wallet in this sense since true cryptocurrency wallets give all control of funds to the user.
As such, most recommend that Coinbase only be used to purchase cryptocurrencies and not store them.
Arbitrary Closing and Freezing of User Accounts
One of the biggest grudges that some users hold against Coinbase is that it can shut down user account in accordance with its adherence to Anti-Money Laundering (AML) and Know Your Customer (KYC) practices as a US regulatory body-approved company like many leading banks.
Activities that can lead to account shutdowns or freezes include transactions related to adult services, gambling, contraband, resale of cryptocurrency on exchanges not AML and KYC-compliant and other reasons that they aren’t required to disclose.
While Coinbase is one of the world’s leading cryptocurrency exchanges and is particularly convenient for Australians who want to purchase cryptocurrencies like Bitcoin, Etheruem, Litecoin and Bitcoin Cash using their credit or debit cards, it is not without its flaws.
Some of Coinbase’s flaws include the following: frequently slow and inefficient customer service, transfer limits tied to identity verification, monitored user activity, users not controlling their wallet’s private keys and accounts being closed and/or frozen according to Coinbase’s discretion.
Regardless of these flaws, Coinbase still remains a top option for Australians who want to buy cryptocurrencies due to its convenience, ease of use, mobile applications and excellent security.