At Lunie we’re building staking for everyone — non-custodial at every level. With that in mind, we realize that our approach to building a staking platform needs to encompass the devices and software that everyday people have access to. Having a strong web app is a must for staking, as well as our browser extension for added convenience and the Ledger hardware wallet integration for cold-storage enthusiasts. But no technology is more ubiquitous than the mobile devices so many of us all across the world use on a daily basis. So we find it appropriate to explain a bit about how users should think about integrating mobile devices in their day-to-day cryptocurrency habits.

There may be some people who are hesitant to rely on their mobile phones for holding and staking cryptocurrencies and given past news cycles about sim-swapping scams and other crafty methods of theft, there’s good reason to be questioning how a mobile device fits into your own personal non-custodial staking approach. However, given current technology on both major platforms, iOS and Android, you can and should be able to utilize your mobile phone effectively and safely as a hot wallet given existing software and hardware in most phones.

Say “No” To Rooted Devices

It can be fun to root a phone for experimental purposes, but assume that any security guarantees you thought were in place when you bought it from the factory are now gone or at least weakened. You don’t want to have funds stored on a device with a bunch of unknown changes from accessing and altering the core configurations of the phone. If you must hack your phone, make it a spare one that contains no cryptocurrency wallets.

Don’t Install Apps That Can Read Your Screen

Often when we install and set up new apps on Android or iOS a new type of disclosure or permission might be needed that we are not used to seeing. It’s always a good idea to read these carefully, but many people do not and just accept everything the app asks of them. We really recommend against this and want to advise users of the Lunie mobile apps to never give permission for apps to be able to overlay your devices screen or read from your screen. This could give access to your passwords, backup codes or worse. Not all apps that ask for these permissions are malicious in nature, but any could collect sensitive data from you and you are then left without control of what happens to that data next.

Ditch The Fingerprint and Facial Recognition

Fingerprint and facial recognition are so convenient when it comes to frequently unlocking one’s smartphone, but are not the most secure options to lock down a phone or the critical apps on that phone. We recommend using a strong pin or password for not only your mobile device but also for the individual apps you have downloaded. The convenience is not worth the security blindspots.

Install Your Updates

Updates on both Android and iOS can seem maddeningly frequent, but you really should make sure they all get installed as soon as possible. One app that creates a security vulnerability on your phone could expose all your other apps or worse to a breach. Keeping up with updates is an easy way to minimize exposure to vulnerabilities.

Have A Hardware Wallet For Larger Amounts

The concept of a “hot wallet” basically means you use a cryptocurrency wallet for small transactions. An amount of money you should be comfortable losing 100% of (not necessarily happy about it, but comfortable) is what belongs on a hot wallet. Your larger amounts of cryptocurrency should have stronger security, like a hardware wallet from the Ledger Nano product suite.

Redundant Backup Codes

This should go without saying, but backup your seed phrases, private keys and other important backup codes. This does not mean saving it in your notes on your phone and forgetting about it. Write it down on a piece of paper (or several pieces of paper), put them in redundant backup locations and if you must store them digitally make sure the files containing them are fully encrypted.

Good Old Fashioned Strong Passwords

Your childhood cat’s name plus your birthday at the end of it may be cute but does not necessarily make a good password. It’s always a good idea to generate unique and random strong passwords for your mobile app and any app in general. Some password managers, such as 1password will enable you to create unique strong passwords for each app you use across web and mobile making for a much more secure experience for you and less anxiety needing to remember each password you created.

Keep In Mind — We’re Still In Beta

The Lunie iOS and Android wallets are both still very much in beta. Please keep that in mind! According to the definition of beta in relation to software:

A Beta phase generally begins when the software is feature complete but likely to contain a number of known or unknown bugs.

When we are out of beta, you, our users, will be the first to know! Until then, it’s best to treat your Lunie mobile wallet as a hot wallet only and use the Ledger hardware options for larger amounts. This generally goes for all other cryptocurrency wallets as well!

What are some of your mobile device security best practices? Is there anything we missed? Please comment below or get in touch with us directly to share your ideas!