If you decide you’re game enough to use Twitter’s new feature to send strangers on the internet money, do your best not to accidentally send them your residential address, too.
To explain, you may have heard something about “Tip Jar,” which the company soft launched Thursday, heralding it as a way “for people to send and receive tips.” The new feature, which is available via the mobile app on Android and iOS, allows users to send money to other accounts using a variety of third-parties. It’s very easy to operate: By clicking on a dollar bill icon next to a person’s username, you will be presented with a list of options for how to donate: Venmo, Cash App, Bandcamp, Patreon, PayPal, and so on. Choosing a payment option redirects you to the selected third-party’s platform to allow a transaction to occur. You’ll want to rush to do this as a way to…uh, reward good tweets? Yes, the point of the whole enterprise isn’t entirely clear, but do people really need a reason to throw more money around on the internet? Ostensibly Twitter is trying to become a bigger playground for creators and this will help with that.
Anyway, the Twit-Tips are currently undergoing a trial run, with a number of creators, journalists, and non-profits acting as guinea pigs that Twitter users can send money to, though allegedly the feature will soon have a wider release. Currently, it’s only available for people using Twitter in English.
As is usually the case with new things, users were quick to point out some stuff that wasn’t totally hunky dory. Rachel Tobac, a security professional, was playing around with the app when she noticed what initially seemed like a glaring security risk. Tobac discovered that if you specifically used PayPal to send someone a tip, you will also be sending them a fairly intimate detail: your home address. This doesn’t appear to be an issue for any of the other pay applications set up through Tip Jar.
In a Tweet shared by Tobac, an image of a receipt for the PayPal donation clearly shows the sender’s residential address.
G/O Media may get a commission
“This is EXACTLY what I was concerned to test when Twitter announced Tip Jar. PayPal needs to make it crystal clear which data is given to money receivers and stop sharing that data, & Twitter needs to educate users who don’t realize what info tip receivers get when using PayPal,” Tobac tweeted.
Kayvon Beykpour, product lead at Twitter, quickly replied to her comments: “this is a good catch, thank you. we can’t control the revealing of the address on Paypal’s side but we will add a warning for people giving tips via Paypal so that they are aware of this.”
However, it turns out this is not some sort of weird bug, it’s just a feature of how PayPal payments work. Specifically, there are two different modes by which payments can be made and received on PayPal accounts—one of which requires the disclosure of your address because it is pegged to “Goods and Services,” i.e., deliveries. So, we can surmise, Tobac was using this mode to send her tip. It is certainly something that customers should be aware of, said Tom Hunter, Senior Manager of Global Communications with PayPal, in an email. Hunter said:
When using PayPal to send and receive money, there are two options a customer can select before processing the payment on how that money is sent. “Goods and Services” is used to buy or pay for an item or service from someone and will automatically share the customer’s address with the recipient for the delivery of those goods and services. Customers can toggle within the payment flow to select “Friends and Family” which does not share the address with the recipient. This is the standard functionality of the PayPal app and we will work with Twitter closely to ensure user awareness.
While this isn’t a glaring security risk, it is certainly a good thing for users to know about. Sending your address out willy nilly on the internet is generally frowned upon, but it seems fairly easy to avoid if you have a good understanding of PayPal’s functionality. Granted, if you’re willing to send someone you don’t really know a bunch of money, maybe you’re also willing to let them know where you live? I don’t know.
When reached by email, a Twitter spokesperson reiterated that they have no control over how PayPal works or whether or not users know how to use third-party accounts, but said that they were going to try to get the word out to users:
Tipping through Tip Jar takes place on the selected payment service app or website and as a result relies on the third-party service’s functionality. When tipping with Tip Jar, people are notified that they’re going to a separate app or website to send their tip, and that tipping on that third-party platform is subject to the platform’s terms. We’re updating our in-app notification and Help Center article to make it clearer that other platforms, per their terms, may share information about people sending tips to one another.
Duly noted. Ultimately, it’s probably good that this whole little episode happened because it highlights some potential privacy hiccups for consumers when it comes to the new feature—something Twitter was likely testing for in the first place. Slow rollouts allow companies to discover stuff like this. Twitter said in its announcement that it is “always looking for feedback and ways to improve updates like Tip Jar – let us know what you think.” Looks like it got some.
Facebook hopes to launch a trial of its long-stalled digital currency project by the end of this year, according to a new report from CNBC. The currency, first announced in 2019 as Libra and then renamed Diem after some bad publicity, will now be pegged to the U.S. dollar, provided the tech giant can actually get it off the ground this time.
Facebook first announced plans for the digital currency in June of 2019 and was hit with immediate backlash from governments and consumer groups around the world that worried what would happen if a huge tech monopoly like Facebook competed with the world’s largest currencies. Facebook has roughly 2.8 billion active users on a planet of 7.9 billion people.
Facebook’s plan in 2019 was to launch the “blockchain” currency by early 2020, something that obviously didn’t happen after the tech company’s partner organizations like PayPal and eBay started to pull out after the wave of negative press.
But CNBC, and whoever leaked this Facebook news to the financial outlet, seem to hint that Facebook is taking a much more cautious approach this time, even if details are still extremely scarce.
The Diem Association, the Switzerland-based nonprofit which oversees diem’s development, is aiming to launch a pilot with a single stablecoin pegged to the U.S. dollar in 2021, according to a person familiar with the matter.
The person, who preferred to remain anonymous as the details haven’t yet been made public, said this pilot will be small in scale, focusing largely on transactions between individual consumers. There may also be an option for users to buy goods and purchases, the person added. However, there is no confirmed date for the launch and timing could therefore change.
G/O Media may get a commission
What the hell is the Diem Association? It appears to be the next iteration of the Calibra Association, the supposedly independent organization set up by Facebook to oversee the currency back when it was called Libra.
When reached for comment about the CNBC story, Facebook’s Head of Communications for Australia, Antonia Sanda told Gizmodo by email, “looks like this could be a leak as there are no official announcements from the Diem site, but I’ll leave that for the Diem team to confirm.”
Sanda provided Diem’s email address and wrote, “We now send all media queries direct to the Diem organisation, as it is separate from FB […] if you’d like to contact their team direct.” Gizmodo has not yet heard back from Diem but will update this post if we do.
Governments around the world are setting up committees and task forces to examine the pros and cons of creating their own digital currencies, with China, Japan, and the UK announcing their own explorations in recent months. And it’s no secret that cryptocurrencies like bitcoin and ether have gained traction in recent years, with large companies like PayPal starting to get in on the action. PayPal announced last month it was launching a way for consumers to pay using cryptocurrencies at millions of retailers, handing the merchant fiat during the transaction.
But will Facebook’s digital currency flourish after already experiencing one very embarrassing false start? Only time will tell. But you can bet that government regulators will be keeping a close eye on Facebook’s plans for the future of money, especially since most world leaders think CEO Mark Zuckerberg already has too much power.
Congressman Brad Sherman even told Zuck in a July 2019 hearing that his new digital currency—which Sherman mockingly called “Zuck Bucks”—could cause the next 9/11, apparently referring to the possibility that criminals would use Facebook’s new currency for illegal activities. And when that’s your starting point of conversation with politicians who could help decide the fate of your new business idea, it’s tough to see it getting very far.
The Bank of England and the UK’s Treasury have launched a task force to explore the use of a national digital currency, the British government announced in several press releases early Monday as part of April 2021 Fintech Week.
The task force, formally known as the Central Bank Digital Currency (CBDC) Taskforce, will examine the pros and cons of issuing a new digital form of money that could be used by British consumers alongside cash. But the government is quick to note it hasn’t yet reached a final decision about issuing a digital currency that would potentially compete with cryptocurrencies like bitcoin and ether.
The British government and Bank of England laid out four primary points of interest and goals for the task force, including:
Coordinate exploration of the objectives, use cases, opportunities and risks of a potential UK CBDC.
Guide evaluation of the design features a CBDC must display to achieve our goals.
Support a rigorous, coherent and comprehensive assessment of the overall case for a UK CBDC.
Monitor international CBDC developments to ensure the UK remains at the forefront of global innovation.
The new task force will be led by the Deputy Governor for Financial Stability at the Bank of England, Jon Cunliffe, and HM Treasury’s Director General of Financial Services, Katharine Braddick, according to a press release.
The announcement comes as several other central banks around the world have announced similar investigations into digital currencies, including China and Japan. The press release notes the new task force will be keeping a close eye on international developments, which seems to be where most central banks are sitting at the moment.
G/O Media may get a commission
Everyone wants to be ready for the future, but very few people want to go first. Especially when so much is at stake. If you’re going to issue currency, it needs to work in a way that won’t completely collapse the global financial system—a house of cards that only works because enough people believe that it works.
Best of luck to everyone! Please don’t ruin society as we know it!
Japan’s central bank has started trials of a new digital currency in an effort to experiment with how it might be used, the Bank of Japan announced on Monday. The announcement comes after the Chinese government revealed it was doing something very similar with a digital yuan in early March.
“The Bank of Japan has been undertaking preparations to begin experiments on Central Bank Digital Currency (CBDC) in early fiscal year 2021, to test the technical feasibility of the core functions and features required for CBDC,” the Bank of Japan said in a statement published online. “As necessary preparations are now complete, Proof of Concept (PoC) Phase 1 begins today.”
The announcement confirms rumors that have been swirling since late 2020 about Japan’s potential creation of a digital yen. But there’s no guarantee that Japan will ever make the digital currency available to the public. Everything is very much experimental right now, according to the Bank of Japan.
“In PoC Phase 1, the Bank plans to develop a test environment for the CBDC system and conduct experiments on the basic functions that are core to CBDC as a payment instrument such as issuance, distribution, and redemption,” the Bank of Japan statement continued. “This phase will be carried out through March 2022, for a duration of one year.”
As the Register points out, virtually every large central bank in the world is experimenting or rumored to be experimenting with digital currencies to ensure they’re ready whenever the time may come to issue one. And as cryptocurrencies like bitcoin and ether become more mainstream through services like PayPal, that time could be sooner rather than later.
G/O Media may get a commission
In the U.S., Treasury Secretary Janet Yellen has said she supports financing research into a digital dollar, though she’s signaled the kind of conservative thinking you’d expect from a top government official. At least the kind of thinking in a normal (read: post-Trump) government.
“There’s a lot to consider here, but it’s absolutely worth looking at,” Yellen said back in February.
One of the reasons countries around the world are transitioning from paper to plastic polymer banknotes was the promise they’d be harder to counterfeit—but it didn’t take long for fakes to proliferate. However, an avoidable flaw introduced during the manufacturing process of polymer banknotes could be used as a unique fingerprint to validate legitimate currency.
Researchers from the Department of Computer Science at the University of Warwick and Durham University in England have discovered that every single polymer banknote has a unique but unintentional fingerprint that could be used to create a verification system that’s impossible to fool. The research is detailed in a paper, ‘Anti-Counterfeiting for Polymer Banknotes Based on Polymer Substrate Fingerprinting,’ recently published in the IEEE Transactions on Information Forensics and Security journal, which also explains how a viable validation system could be created that’s more foolproof than a cashier shining a UV light on a bill.
When polymer bills are being manufactured the application of a critical layer known as the opacity coating results in impurities in the ink being randomly dispersed producing subtle translucent patterns that become more apparent when the banknote is held up against a bright light source.
To the naked eye, it’s just random imperfections that are barely discernible because other details, including imagery, text, and intentional security features, obscure the patterns. But every bill has small regions where those patterns are unobscured, and when placed on a backlit film scanner, those random patterns can be extracted in extreme detail and used as a unique fingerprint.
G/O Media may get a commission
Having a unique fingerprint is one thing, actually taking advantage of it to identify counterfeit currency is the real challenge. The researchers propose creating a database cataloging the unique fingerprint of every single bill produced at a mint, correlated with its serial number, and then using that as a tool to perform a pattern match in order to verify whether a suspected counterfeit banknote is real or not. This verification wouldn’t happen every time a shopper passed a stack of bills to a cashier, but law enforcement agencies could be given tools that access the database allowing them to easily spot a fake without requiring suspected counterfeits to be sent away to experts for in-depth analysis.
With almost four billion banknotes circulating in the UK at the moment, the proposed system seems like it has some logistical problems to overcome first because that’s a lot of data to store and process. But speaking to New Atlas, University of Warwick professor Feng Hao points out that the fingerprint patterns are scanned and converted to small 256-byte vector files, and for four billion banknotes that adds up to just over a terabyte of storage. If the system only focused on higher-value banknotes, which counterfeiters target, the storage and bandwidth requirements would be even smaller.
Given how quickly smartphone cameras have progressed and improved, there’s a very real chance this counterfeit spotting system could one day be rolled out through an easy-to-use app so it’s accessible all over the world. But if it ever came to be, don’t expect it to be made available to anyone other than law enforcement. No one wants counterfeit spotting vigilantes running around with smartphones in hand, accusing every little mom and pop shop of being a money-laundering front.
Commission-free stock trading app Robinhood said that it had confidentially filed for an initial public offering on Tuesday, apparently ready to capitalize on all of the positive buzz surrounding democratized finance.
After Bloomberg first reported the news, Robinhood confirmed in a statement that it had submitted its filing U.S. Securities and Exchange Commission. A person familiar with the plans reports that the company could go public as soon as late in the second quarter of 2021, and has selected NASDAQ as the venue for its listing.
The decision to file privately isn’t necessarily an uncommon strategy: Other big-name startups including Airbnb, Lyft, Slack and Palantir all opted to file confidentially, which buys companies a little time before opening up the books for the investors who then use those key financial details to project growth trajectory.
Robinhood, it’s worth noting, is having an absolute dumpster fire of a year so far, with one public relations disaster on top of another. The company alienated a core constituency after it unexpectedly halted trades on meme stocks like Gamestop in January; was hit with a high-profile lawsuit brought by the family of a 20-year-old trader who died by suicide after checking the balance of his trading account in February; and was publicly smeared by Michael Bolton in March.
As it turns out, though, that old thing about there not being any bad press is true: In tandem with its recent public missteps, interest in retail trading has soared for the digital brokerage, validating the company’s commission-free approach and its strategy to essentially gamify investing. Retail investing has also bloomed with particular ferocity in the shadow of the Covid-19 pandemic, with would-be traders turning to accessible brokerages like Robinhood as a salve for their anxieties about economic recovery and financial stability.
G/O Media may get a commission
With U.S. stocks trading near record highs and investors more eager than ever to sign away huge sums of money to SPACs — special purpose acquisition companies set up with the express purpose of assisting small private companies in acquiring capital before going public — it seems like the fervor around retail investing is unlikely to die down anytime soon. It seems like Robinhood is teed up for a hot IPO, so long as it plays its cards right and successfully avoids another major public meltdown. Honestly, how hard could that be?
This Earther report is being co-published with the Daily Poster.
The Biden administration has pledged to make the climate crisis a top-tier issue, authorizing a “whole of government” to take on climate change. That would mean the responsibility to legislate environmental action wouldn’t be left up only to the Environmental Protection Agency and the Department of Energy, but would extend to all agencies, including financial regulators.
Already, over the past few weeks, Biden’s Security and Exchange Commission (SEC) announced that it will update its guidelines on how climate risks should be disclosed to investors, and launched a task force to focus on climate-related compliance and misconduct. The SEC has also refused to help ExxonMobil block a shareholder vote on a climate-change resolution. (Although the commission did just let the company reject a shareholder proposal to force the operation to disclose what it plans to do with its untapped fossil fuel assets.)
This week, the Securities and Exchange Commission sided with ExxonMobil in rejecting a shareholder proposal to require the company to report how it plans to deal with “stranded assets” — untapped fossil fuels that the company is counting as assets but may never be drilled, meaning they will turn into liabilities.
The Federal Reserve, meanwhile, released a report on its intent to include climate-related risks in its oversight of financial institutions. Finally, new Treasury Secretary Janet Yellen has pledged to set up a subagency of her department focused exclusively on dangers the climate crisis poses to the economy.
But the path to changing corporations’ and financial institutions’ role in the climate crisis could be hampered by Trump administration policies that made it more difficult to change corporate behavior through shareholder resolutions and divestment campaigns. While some of these regulations might prove easy for the Biden administration to wipe away, climate activists say it’s time to address the pro-business, anti-environmental drive behind these restrictive measures once and for all.
G/O Media may get a commission
Moving Beyond Maximizing Profits
For much of the latter third of the 20th Century, corporate law was dominated by the idea best summarized in economist Milton Friedman’s influential 1962 book Capitalism and Freedom that “Corporations have no higher purpose than maximizing profits for their shareholders.” In the last decade, however, shareholders have begun to push for more responsible corporate citizenship, particularly with regards to climate change.
The climate movement has been relatively successful at using shareholder engagement to secure emission reduction goals and greater corporate transparency about environmentally destructive practices and lobbying. Just this year, shareholders were able to get Chevron to adopt a policy that it would disclose how its lobbying efforts aligned with the goals of the Paris Agreement, the 2016 international treaty on global warming mitigation. Shareholder pressure on Exxon, among the biggest laggards in the fossil fuel industry when it comes to climate, led the company to add an activist investor to its board last week.
Such shareholder actions are in part inspired by growing public concern about the threat of the climate crisis. But the efforts can also create more profitable business models and change the long term outlook for the fossil fuel industry. Between 2016 and 2020, oil and gas producers saw their market value contract by a total of $400 billion.
“I wish that investors were divesting from fossil fuels or demanding that companies change their business plans out of the goodness of their hearts, but a big reason is that the oil, gas, and coal industry is a total dumpster fire right now,” said Jamie Henn, director of Fossil Free Media who co-founded the environmental nonprofit 350.org.
The Trump administration, which spent its four years attacking climate science and scaling back environmental oversight, took a hostile view of such shareholder actions. Led by Trump appointees, federal agencies worked to reverse the trend with a series of new regulatory guidelines. The end goal was a full-blown return to the rapacious form of capitalism envisioned by Friedman and his acolytes, untethered by social or environmental concerns.
Silencing Shareholder Voices
In September 2020, Trump’s SEC voted 3-to-2 along partisan lines to add hurdles to filing shareholder proposals. While the previous rule allowed investors who held $2,000 of stock for at least one year to propose a shareholder resolution, the new rule raised the amount to $25,000 or $15,000 for two years. As a token gesture, the minimum remained $2,000 for investors who held their stock for three years.
“The SEC’s attempt to silence shareholder voices comes from a basic dislike of democracy,” said Andrew Behar, CEO of the nonprofit As You Sow, which aims to boost corporate responsibility though shareholder advocacy. “They don’t even want the actual owners of the company to have a voice in what the company does.”
The following month, the Trump Labor Department finalized a new rule making it more difficult for pension funds to divest from oil and gas interests. Such divestment campaigns have been successful at shifting investment away from the fossil fuel industry.
Globally, pension funds, philanthropies, and other institutions worth $14.6 trillion have committed to divestment, and the movement has strong roots in the U.S. Cities like New York City, San Francisco, and Washington have made moves to sell off fossil fuel assets, as have a number of schools. Last May, the University of California became the latest and largest school in the country to divest from fossil fuels, selling off more than $1 billion in assets and reinvesting in clean energy projects. Under the new Labor Department rule, however, private-sector retirement funds could not make divestment decisions based on social considerations, and instead had to act only in the financial interest of retirees.
The rule proved to be surmountable. In December 2020, New York’s $226 billion pension fund announced that it would fully divest from fossil fuels within the next five years based on economic concerns. The move built on the state’s June announcement that it would divest from coal.
“New York State’s pension fund is at the leading edge of investors addressing climate risk, because investing for the low-carbon future is essential to protect the fund’s long-term value,” said state Comptroller Thomas DiNapoli in a statement.
DiNapoli had long been a proponent of shareholder resolutions rather than divestment as a way to pressure companies into climate accountability. But according to the New York Times, the comptroller was frustrated by ExxonMobil continually rebuffing attempts by pension fund shareholders to push for a more environmentally friendly business stance.
Even before the rule changes, Trump’s SEC had been helping companies shut down climate resolutions. Corporate management can request that the SEC bless their efforts to omit shareholder resolutions from their annual proxy voting by issuing “no action” guidances on the matters, meaning the commission will not intervene. Over the past few years, the SEC has proven to be especially open-handed in issuing such guidances for corporate attempts to shut down environmental actions
“Nearly two-thirds of the climate-related shareholder resolutions filed with publicly held energy and utility companies this year have been contested before the U.S. Securities and Exchange Commission” noted a May 2019 report from Inside Climate News.
“So far this year, the SEC has sustained 45% of the challenges, the highest percentage in the last five years,” continued the report.
Trump’s Final Gifts To The Fossil Fuel Industry
In Trump’s final weeks in office, his appointees in the Office of the Comptroller of the Currency finalized a rule prohibiting all banks with more than $100 billion in assets from refusing to lend to any corporation without providing a quantitative financial assessment for doing so.
The move was an attempt to bar financial institutions from halting loans to entire categories of controversial companies, including oil drillers and other fossil fuel firms, something that became a fixation of Republicans after all major U.S. banks said they would no longer fund Arctic oil exploration last year.
In the preamble to the proposed rule, the OCC highlighted examples of the banking actions that the change would prohibit, including banks’ refusal to lend to fossil fuel companies for drilling in the Arctic.
The OCC called the policy the “Fair Access to Financial Services” rule, a name Yevgeny Shrago, policy counsel for Public Citizen’s climate program, said is misleading. “This rule is not about the safety and soundness of bank policies or about fair access to customers,” he said in an interview. “It’s 100% a political giveaway to some favorite industries by the [OCC’s former] acting commissioner.”
In another last-minute move, Trump’s Labor Department, led by Eugene Scalia, announced that it had finalized a new rule prohibiting retirement plan fiduciaries from casting corporate-shareholder proxy votes to advance social-justice goals, unless those goals are aligned with retirees’ financial interests.
Scalia previously worked for the American Petroleum Institute, Chevron, and the U.S. Chamber of Commerce, which lobbies on behalf of Big Oil. The rule also imposed a cost-benefit analysis on proxy voting.
Like continuous subsidies to fossil fuel industries and government bailouts for polluters, the moves were a last-ditch effort to throw a lifeline to the dying fossil fuel industry at all costs, at the expense of the planet.
“They say they’re trying to preserve the free market,” said Collin Rees, a campaigner with Oil Change U.S. “But we’ve continuously seen over the course of the fossil fuel cycle, that there is no such thing as a free market. There is only a heavily regulated market rigged in favor of business.”
Cleaning Up The Mess
Shareholder advocacy organizations are planning to legally challenge the previous administration’s attempts to clamp down on corporate climate action, and the Biden administration is not expected to let many of Trump’s financial policies stand.
Shrago said he expects that Biden officials will be able to easily withdraw many of the last-minute rules, since they had not been published in the Federal Register, and the Biden administration has issued a freeze on all rule changes in the pipeline.
The Biden Labor Department, meanwhile, is reportedly planning to toss out Trump-era rules that limited investments based on environmental and social factors. The Office of the Comptroller of the Currency paused another rule limiting banks’ abilities to deny services to fossil fuel companies. The administration has also ordered a review of similar rules made by the Trump-era SEC.
But experts say federal officials should go even further to address the economic risks posed by climate change.
For instance, while officials have the ability to invoke the Congressional Review Act to reject recently enacted rules and regulations from the prior administration, they haven’t yet taken that step. And as The American Prospectrecently noted, while Treasury Secretary Yellen has said her department may be able to facilitate stress tests for banks and insurance companies to determine if they’re capable of withstanding the pressures of the climate crisis, these tests would likely be structured to be largely toothless, unlike existing stress tests for non climate-related matters.
As chair of the Financial Stability Oversight Council, which works to shield the economic system from crashes, Yellen also has the ability to push all federal regulators to enact strong climate policies, such as strict limitations on fossil fuel investments. The council could also take the aggressive steps to take any other actions it deems appropriate to address climate risks, even banning fossil fuel investments altogether.
“These regulatory bodies have power,” said Rees, “and we need Democrats to be willing and able to step up to the plate and wield it.”
Keeping your cryptocurrency in the exchange where you bought it, be it Kraken, Coinbase, or Gemini, is inherently dangerous. Most of us will dip a toe into the crypto markets by visiting one of these markets and buying a few hundred dollars in currency. But then what do you do with it? Well, you can buy a wallet to store it in.
I’ve been testing out a new metal-encased crypto wallet called the Corazon made by Gray, a metal gadget case manufacturer. The Corazon costs a cool $599 for the blue titanium model and the limited-edition “stealth” model costs $1,499. For folks who have already made a mint in crypto, this is pocket change. But for the rest of us, I wanted to answer the question: “What do I need this thing for?”
The Corazon is definitely quite pretty. Compared to other crypto wallets, it looks like a work of art. But the case doesn’t particularly matter as much as what’s inside. The Corazon contains a working Trezor Model T, a hardware cryptocurrency wallet made by the Czech-based SatoshiLabs. The Trezor is one of the most popular hardware wallets, in close competition to Ledger Nano. Both are more than capable and there haven’t been (many) security issues (yet)—plus cheaper, less popular models are far too new and untested to be trustworthy.
With that, let’s walk through how to secure your crypto using a hardware wallet.
Don’t trust your exchange
The interesting thing about crypto is that you can buy fractions of a single coin. In the case of Bitcoin, you can buy fractional parts called Satoshis and they usually end up in your exchange wallet. I’m going to walk you through Coinbase’s interface since it’s one of the most popular.
G/O Media may get a commission
We begin by buying a little cryptocurrency on Coinbase.
You’ll see your crypto in your list of balances. You should never keep your crypto on an exchange. Further, never store your crypto on online wallets. These wallets are notoriously insecure. While your experience may differ, saving your cryptocurrency online is akin to leaving your retirement savings in a dark plastic bag in the backyard—it might feel safe, but there are just too many problems with the scheme to trust it with your fortune.
Further, if you’ve gotten this far and you are planning on “investing” your crypto with someone you met on WhatsApp or Instagram, please stop now. You are being scammed. The typical scam involves sending an amount of crypto to another wallet and then getting multiple notifications that your crypto is rising in price. When you try to withdraw your cash, however, you’ll find it very difficult and will be asked to add more funds until the scammer has had enough of you. I’ve written about these extensively and if you have any questions email me at firstname.lastname@example.org.
Again, do not trust an exchange or online wallet with any amount of cash and do not send cryptocurrency to investors or people you do not know.
Using your wallet
Now that you have some crypto and have not been scammed, plug in your Corazon (or Trezor) and activate it. The Trezor website connects to your device via your Chrome browser and the entire process is done online.
A hardware crypto wallet is essentially a secure storage device. To receive and send crypto, you need a wallet address, a public key (think of it as your public signature), and a private key (which must remain secret). Your wallet address—something like 1BvBMSEYstWetqTFn5Au4m4GFg7xJaNVN2—is a long string of letters and numbers that identifies your wallet. You can hold multiple wallets on one hardware device and there are multiple types of wallets, one for each type of cryptocurrency. The hardware wallet stores your private keys securely, allowing you to access these wallets without typing in a very long and complex string of digits. You can feasibly store this information on paper—and people used to enjoy using “paper wallets” to store their crypto—but a hardware wallet is superior.
To set up your wallet, plug it in and visit the maker’s website. In Trezor’s case, the system will initialize the wallet, install the secure software, and create public and private keys. The Trezor stores these keys internally and the keys are considered secure as long as they are on the device. The device will also generate a pneumonic Recovery Key, which consists of about 20 words that are easily translated to the string of digits that makes up the private key. These words are also called a Recovery Phrase because they are used to recover your wallet if you lose any of your passwords or PINs.
The Trezor Model T usually has 24 recovery words but it also supports a new type of key that is split into multiple chunks of 20 words each. This means you could hide a chunk of your key in different places—home, work, with a friend—and recover your wallet if something terrible happens.
Whichever you choose, the system will walk you through the setup process and ask you to set a PIN for accessing the hardware wallet. Keep the recovery seed and the PIN safe. Do not keep them on your computer or your phone. To be completely safe, write it by hand on a piece of paper and store a few copies in different places. Your Recovery Phrase is the only thing standing between you and disaster.
Once you’re done setting up the device, your wallet is ready. The system will often ask you to confirm things on the hardware device before it allows you to perform certain actions.
As you see above, I’ve shared the actual wallet address for the Corazon Trezor in front of me. I’m able to do this because you can’t actively steal anything from me using only my wallet address. In fact, you can see my wallet on the Internet and even see how much I’ve deposited and withdrawn. If that sounds a little creepy, welcome to cryptocurrency.
I move over to Coinbase and initiate a funds transfer. Every transfer costs a small amount of money, in this case about 2 cents.
If your transfer doesn’t show up immediately, don’t fret. Cryptocurrency transfer systems are fairly slow when compared to the traditional banking system and most wallets require multiple confirmations before they display your balance. These confirmations are like firm nods from the rest of the network that they agree that the transfer was legitimate and they are part of the fabric of the crypto networks. Explaining the blockchain is beyond the scope of this article but you can imagine these confirmations as thumbs-ups from various users around the world who saw your transaction happen and agree that it is legitimate.
Once the network confirms the transfer, you can unplug your Trezor and go about your day. Any time you need to access your riches you simply connect the Trezor to your computer and send or receive based on the on-screen and on-device prompts. Store your Recovery Phrase in a safe place and absolutely do not forget your PIN. You are your own bank when you own one of these things, and you’re responsible for your security. If that sounds daunting, stick to debit cards and ATMs until crypto formally enters the financial system.
That said, the cryptocurrency landscape is rapidly changing and devices like the Corazon are indicative of a real shift in perception. Whereas cryptocurrencies were once considered only for hackers and cyberpunks, a $600 titanium crypto wallet to store your crypto millions is much more mainstream. Just don’t start wearing it like some kind of cyberpunk pocket watch and you’ll be fine.
Samsung and Mastercard are officially teaming up on a credit card with a built-in fingerprint scanner, Samsung announced on Thursday. These so-called “biometric cards” will come baked in with a “several key discrete chips” from Samsung’s side, and are planned to be compatible with any point of sale (POS) terminal, or any terminal that currently accepts Mastercard chip payments.
Mastercard has been toying with the idea of biometrics since 2017, when the company announced a pilot of a similar-sounding biometric card that would authenticate payments by having customers place their thumb on an embedded chip inside the card. If a person’s PIN number matched the thumbprint associated with the card, their payment would go through.
The new Samsung collaboration, for its part, plans to do away with PIN numbers entirely. Per the announcement, all someone will need to do to authenticate a payment is pop their thumb onto one of the chips embedded into the card. The plan is to allow for “safer interactions with reduced physical contact points” by foregoing the need to even bother touching an icky PIN pad at all.
On one hand, using these systems means that you’re trusting Mastercard to keep your biometric data secure. Considering some of the high–profilestories of biometric data breaches we’ve been hearing over the past few years, that can be a tough sell for some of Mastercard’s clientele. But on the other hand, those security risks could be worth it for folks looking to adopt a contact-free way to pay.
Despite the fact that there’s little evidence pointing towards surface contact—like say, between your finger and a PIN pad—playing a substantial role in transmitting Covid-19, anxieties about contaminated surfaces have led swaths of people to make the shift from paying with cash to adopting contactless payment methods, like Apple Pay or Google Pay. And as others have pointed out, there’s a good chance that the popularity of cashless payments won’t dissipate anytime soon: in the U.S., some researchers predict that the total value of these sorts of touchless transactions will skyrocket from $178 billion dollars in 2020 to $1.5 trillion in 2024.
G/O Media may get a commission
Samsung will be leading the “gradual” rollout of these new biometric cards in South Korea later this year. Thus far, it’s not clear if the cards will be coming out in any other markets.
Bitcoin is the future, again: this morning, it hit an all-time high value of over $50,000. Is there a lesson in here? Are Elon Musk’s tweets a good investment strategy? Should we get in on this? We have yet to learn. Or maybe we learn nothing, and the notoriously volatile currency will level out, unlike when some lost everything to the 2018 crash.
Elon Musk first sent Bitcoin and Dogecoin soaring a few weeks ago as a sort of sequel to Reddit’s WallStreetBets frenzy, changing his bio to “Bitcoin” and tweeting “Doge”to the glee of his fans. (A meme on his feed captured the spirit of the resulting 50% upswing.) He tweeted about both cryptocurrencies before Tesla disclosed, in its annual report, that the company had converted $1.5 billion USD to Bitcoin. Naturally, this led to some analysts calling the investment “risky” and “crazy,” and pointing out that Tesla could lose nearly all of its 2020 net income on the gamble if Bitcoin were to plunge by 50%.
More quietly, a handful of banks and fintech companies, including Mastercard, Bank of New York Melloncorp, Visa, PayPal, and Square have recognized the demand for cryptocurrency exchange and have started supporting Bitcoin and others.(Incidentally, major credit card companies might have indirectly driven even more demand thanks to their decision to cut ties with Pornhub, creating a cryptocurrency market on the country’s 14th largest website.)
“Mastercard isn’t here to recommend you start using cryptocurrencies,” the company’s press release hedged last week. “But we are here to enable customers, merchants and businesses to move digital value – traditional or crypto – however they want. It should be your choice, it’s your money.”
Ethan Lou, journalist and author of “Once a Bitcoin Miner”—an autobiographical account of running a blockchain start-up through the first boom—doesn’t see the price movement itself as extraordinary.
G/O Media may get a commission
“I think a 5-10 per cent move is a perfectly normal day for bitcoin,” he wrote via email. The upswing isn’t so surprising given that Bitcoin has, “increasingly moved in correlation with the broader financial markets,” and the markets seem to reflect the fact that a stimulus is on the way.
The market has been extraordinarily volatile over the past year, and the price ofBitcoin followed the March 2020 crash, at one point trading at a little over $5,000. A 10% one-day price move would be remarkable for the stock market, but this is a year of meme stocks and rocket ships fueled by nihilistic fever after the GameStop short squeeze, not to mention Tesla’s own incredible (possibly precarious) surge.
Lou doesn’t believe that Tesla’s decision to buy into cryptowould likely scare off Tesla investors, either. “There are those who already think Tesla is overvalued, even before this year, so I think a Tesla investor is already someone who has a high tolerance for risk,” he wrote. “I think the effect is asymmetrical. Tesla’s purchase affected the market, but not so much the other way around.”
This morning, Elon Musk again tried to move the Doge market by offering to pay cash to the largest hoarders of joke currency Dogecoin if they agreed to “void their accounts” in order to, in his view, decentralize the market. (According to the Dogecoin Rich List on bitinfocharts.com, a single account holds 28.7% of all Dogecoin.)
If all this sounds like the plot of a forthcoming tragic documentary and/or Adam McKay movie to you—same.
UPDATE 2/16/2021 1:10pm ET: In response to Gizmodo’s follow-up question of whether this is a repeat of the 2017 Bitcoin bubble, Lou seemed a little more cautiously optimistic about Bitcoin’s longterm stability. But Bitcoin is not immune to the 2017-like blind enthusiasm swirling around the WallStreetBets and Elon Musk, so take it all with a grain of salt:
The Gamestop matter was exactly like 2017 — an easy path to investment for the uninitiated (the Ethereum platform then, Robinhood now), confidence in assets built on memes and viral content, a rebellious, anti-establishment attitude. While I believe Bitcoin itself has sound fundamentals, the 2017 price rally was fuelled mostly by speculation on the thousands of alternative cryptocurrencies, or shitcoins, most of which are now practically worthless. Like Gamestop, that was a rally built on hype and naivety, without underlying fundamentals. At the end of that, some people will make a lot of money, yes, but it was on the backs of others who end up holding coins that were deep in the red. And now the excess energy from the Gamestop matter is bleeding into crypto.