Smartphones Are the Safest Devices to Store Cryptocurrency, Samsung Says

Omar Faridi
  • Samsung Electronics says smartphones are the safest device to store cryptocurrency.
  • “Spendable” digital currency can be securely stored on smartphones because of a Trusted Execution Environment (TEE).

Samsung Electronics, one of the world’s largest smartphone manufacturers, recently stated in an official blog post that mobile-based crypto wallets are the best and safest option for cryptocurrency “short-term and medium-term storage.”

The post explains that smartphone-based cryptocurrency wallets are a fairly secure place to hold digital “spending money,” equivalent to the amount of fiat one would keep in a physical wallet. For storing cryptocurrency on a long-term basis, Samsung recommended creating several backups of the private key associated with crypto wallets.

Offline Storage Preferred

The smartphone maker added that private keys should be stored offline to maximize security, which means they should not reside on a mobile phone or any other device regularly connected to the internet. Samsung added that private keys are to be kept in cold storage (offline) to maximize protection.

Samsung’s blog post argues that smartphone-based crypto wallets are the safest place to store “spendable” cryptocurrency because of a mobile phone feature called Trusted Execution Environment (TEE). The TEE runs in its own independent execution environment, which means that its random-access-memory (RAM) and persistent storage (usually a hard-drive) are separate from a smartphone’s main operating system.

Due to a separate run-time environment, the Android OS can’t directly access the TEE, even if the operating system has been hacked. Moreover, the TEE can only be accessed via an application programming interface (API), Samsung’s blog notes.

The smartphone manufacturer refers to the small-sized apps in the TEE as “trustlets” and notes that all reliable mobile-based cryptocurrency wallets restrict and control access to users’ private keys by keeping them in seemingly impenetrable trustlets.  Per Samsung, this helps ensure “security is seriously tight,” as it’s nearly impossible for malware to reach private keys stored this way.

Vulnerabilities Still Exist

The smartphone company added that its Samsung Knox platform’s TEE provides an even greater level of security. It warned that since TEE hardware is not available on laptop and desktop computers, the private keys stored in these devices may be easily compromised.

Despite the high level of security TEEs offer, Samsung claims a novice programmer can potentially make the mistake of designing a crypto wallet that stores private keys on a smartphone’s hard drive, making it vulnerable to hackers. Moreover, wallets themselves can be infected with malware on purpose.

Interestingly, Samsung’s blog post comes shortly after Ethereum wallet interface MyEtherWallet released a ‘hardware wallet’ app beta for iOS, which it claims could give users the same security cold-storage solutions do.

Bitcoin Investors Reportedly Lose Millions in South African Exit Scam

Michael LaVere
  • VaultAge Solutions CEO Willie Breedt is being accused of making off with millions in investor bitcoin.
  • Breedt allegedly fled the country for Mozambique and has not communicated with investors since December 2019. 

South African cryptocurrency investors are accusing the CEO of VaultAge Solutions of stealing millions in crypto before going on the run. 

According to a report by AllAfrica, Willie Breedt, the CEO of cryptocurrency investment firm VaultAge Solutions, is presumed to be on the run after not making public communications since December 2019. The report claims Breedt was speculated to be staying near the town of Jeffrey’s Bay and that his whereabouts where being looked into by the country’s criminal investigation unit. 

However, South Africans who invested cryptocurrency with the now-defunct firm fear the CEO may have fled the country for Mozambique. 

Breedt is accused of stealing millions from bitcoin investors. The report claims VaultAge Solutions is not registered as a legitimate financial institution with the Financial Services Conduct Authority (FSCA), despite having more than 2000 investors. 

The report quoted investor Lettie Engelbrecht from Krugersdrop, 

We are pensioners and invested R200 000. From December until April, we received payments on the growth of our investment. Since then, we never got any money. We are desperate and living on a shoestring budget.

One South African investor reportedly had deposited more than R6 million ($342,000) with Breedt’s company. 

Breedt delivered a written reply to local outlet News24, explaining, 

I am busy attending to the commitments I have made to members. The commitment is to have all the initial capital paid back by 31 May.

Colonel Katlego Mogale of the Directorate for Priority Crime Investigation (DPCI) said authorities are investigating the case but cannot reveal any more information “at this stage.”

Featured Image Credit: Photo via Pixabay.com