The beginning of the Bitcoin revolution also gave birth to the concept of cryptocurrency exchanges, which offered a way for people to convert their fiat to bitcoin by purchasing the cryptocurrency on them. One of the first movers in this segment was Mt. Gox.

Mt. Gox, with a “rich history”, at one point stood to be the largest cryptocurrency exchange of that time, with users from across the world using its services. However, it didn’t stay that way for long. The first huge bitcoin rally, which witnessed the price crossing $1000 mark for the very first time also eventually led to the downfall of the giant. Since then, the case of rise and fall of Mt. Gox has become a prime learning example of how not to run a cryptocurrency exchange business.

After an extensive investigation of Mt. Gox following the reports of hacking incidents indicated multiple failures, in terms of cybersecurity as well as accountability of users’ funds. Following the aftermath of the Mt. Gox hack, the price of Bitcoin fell from an all-time high of that period and took a long time to recover. Subsequent investigations revealed that in addition to multiple hacking incidents, the CEO of Mt. Gox funneled the user’s funds to his other companies and also spent that money for personal expenses.

While Mt. Gox fiasco was the first of its kind to rock the cryptocurrency industry, there have been numerous cases of mismanagement and hacking incidents affecting various other exchanges as well, in most such cases, the users and investors on those platforms bore the burnt, and incurred huge losses. Since then, people have become overtly cautious when it comes to choosing the right platform and they are right to do so.

Analysis of all these cases shows the same result – The need for accountability among the exchange promoters and state-of-the-art cybersecurity with multiple failsafe. Learning from these experiences, newer exchanges have started focusing more on the security and the upcoming regulations in crypto sector across various geographies have made licensing mandatory to operate a cryptocurrency exchange or trading platform. By doing so, they hold the owners of these platforms accountable for mismanagement or loss of public’s hard-earned money due to negligence or factors other than regular operations.

Decentralized and Hybrid Exchanges

In order to build trust and ensure compliance, exchange platforms have taken different routes, all the while ensuring high levels of cyber security. Decentralized and Hybrid exchanges are a result of this evolution. While decentralized exchanges seem to be the perfect answer when it comes to security as users will hold the keys to their wallets and are responsible for safekeeping of their funds, they miss out on the compliance part as there is no centralized structure to ensure the implementation of satisfactory KYC and AML measures. Without fulfilling these requirements, these exchanges are not eligible to receive the necessary licenses which force them to operate in the regulatory grey area, which by some jurisdictions can be construed as illegal.

Hybrid exchanges, on the other hand, are more practical as they ensure a certain degree of decentralization, allowing users to maintain control over their funds while the centralized features allow conformity with the law of the land. Centralized management of user accounts and records will enable these crypto platforms to maintain AML and KYC compliance and also secure financial licenses on-par with traditional or new-age banking, finance and insurance enterprises. Armed with the required license, they can offer services well within the boundaries of the law and build trust among the crypto community.

Security is the Key

Irrespective of the nature of exchange platform, the only way to avoid a re-run of Mt. Gox scenario is to factor in all kinds of cyber threats as well as possible manipulation by the employees and design security measures to thwart any such attempt. A good example for the hybrid approach with Fort Knox like security is the relatively new CODEX crypto and digital asset exchange. The platform is armed with industry standard security protocols like 2-factor authentication, EDDSA API authentication, Login alerts and more.

In addition, CODEX also implements SCATTER multiplatform wallet with inbuilt RIDL mechanism that detects the presence of potentially malicious applications to prevent data leakage. Also, the presence of PCI-DSS compliant payment gateway ensures secure handling of credit card information. Further, the security infrastructure of CODEX has undergone successful audit by Hacken and found to be more than adequate to ensure high levels of security to users and funds held on the platform. The combination of CODEX’s security features and official financial licenses (FVR000169 and FRK000141) turns it into a benchmark for new exchanges. And that’s not all, the CODEX platform also ensures transparency of its operations by voluntarily sharing data with CER, which includes the exchange’s wallet addresses for validation and Proof of Funds CERtification. By doing so, CODEX joins the likes of Huobi, Kraken, Bitfinex, Gemini and more which have all been granted the CERtified status on CER platform confirming their position on the top of the Blockchain Balance Rating. These ratings not only help verify the financial health of platforms but also sends a message to the community saying the company is reliable and means serious business. CER and Hacken are also CoinMarketCap’s DATA partners.

Apart from CODEX, there are other platforms like Coinbase, Binance, Bittrex etc. who claim to follow the highest security standards. However, it is to be noted that there is no sure way of knowing whether an exchange is “unhackable” or not, as only in an event of a security breach will one know the limitations of their respective security infrastructure. But so far, the industry has learned its lesson from the likes of Mt. Gox and there hasn’t been a repeat of such catastrophic incidents in recent times.

Image by Gerd Altmann from Pixabay