Smartphones Are the Safest Devices to Store Cryptocurrency, Samsung Says

Omar Faridi
  • Samsung Electronics says smartphones are the safest device to store cryptocurrency.
  • “Spendable” digital currency can be securely stored on smartphones because of a Trusted Execution Environment (TEE).

Samsung Electronics, one of the world’s largest smartphone manufacturers, recently stated in an official blog post that mobile-based crypto wallets are the best and safest option for cryptocurrency “short-term and medium-term storage.”

The post explains that smartphone-based cryptocurrency wallets are a fairly secure place to hold digital “spending money,” equivalent to the amount of fiat one would keep in a physical wallet. For storing cryptocurrency on a long-term basis, Samsung recommended creating several backups of the private key associated with crypto wallets.

Offline Storage Preferred

The smartphone maker added that private keys should be stored offline to maximize security, which means they should not reside on a mobile phone or any other device regularly connected to the internet. Samsung added that private keys are to be kept in cold storage (offline) to maximize protection.

Samsung’s blog post argues that smartphone-based crypto wallets are the safest place to store “spendable” cryptocurrency because of a mobile phone feature called Trusted Execution Environment (TEE). The TEE runs in its own independent execution environment, which means that its random-access-memory (RAM) and persistent storage (usually a hard-drive) are separate from a smartphone’s main operating system.

Due to a separate run-time environment, the Android OS can’t directly access the TEE, even if the operating system has been hacked. Moreover, the TEE can only be accessed via an application programming interface (API), Samsung’s blog notes.

The smartphone manufacturer refers to the small-sized apps in the TEE as “trustlets” and notes that all reliable mobile-based cryptocurrency wallets restrict and control access to users’ private keys by keeping them in seemingly impenetrable trustlets.  Per Samsung, this helps ensure “security is seriously tight,” as it’s nearly impossible for malware to reach private keys stored this way.

Vulnerabilities Still Exist

The smartphone company added that its Samsung Knox platform’s TEE provides an even greater level of security. It warned that since TEE hardware is not available on laptop and desktop computers, the private keys stored in these devices may be easily compromised.

Despite the high level of security TEEs offer, Samsung claims a novice programmer can potentially make the mistake of designing a crypto wallet that stores private keys on a smartphone’s hard drive, making it vulnerable to hackers. Moreover, wallets themselves can be infected with malware on purpose.

Interestingly, Samsung’s blog post comes shortly after Ethereum wallet interface MyEtherWallet released a ‘hardware wallet’ app beta for iOS, which it claims could give users the same security cold-storage solutions do.

Weekly Newsletter

7 Arrested Following Kidnapping and Attempted 80 Bitcoin Ransom in India

Samuel Haig

Six men and one woman were arrested in India on July 14th for kidnapping three people in an attempted ransom that saw the assailants demand 80 bitcoins in exchange for their victims' safety.

The three victims were rescued after being held captive for more than 15 days following a 13-hour search operation of an 11-story apartment in Jaipur, the capital city of India’s Rajasthan state. Five of the individuals arrested are members of a gang based in the North Indian state of Haryana who have been involved with multiple cases of kidnapping, extortion, and robbery.

Kidnapper Accidentally Arrested During Search for Stolen SUV

Deputy commissioner of Jaipur West police, Vikas Sharma, stated that police accidentally encountered one of the abductors during the search for a stolen SUV traced to a township on the Ajmer highway. "When the police team entered the township, a man was seen fleeing. He was caught and upon questioning he told police that three men were held hostage in a flat for several days," he stated.

After using CCTV footage to identify the apartment blocks in which the captives were being held, deputy commission Sharma stated that  “Police teams from six police stations and commandos from anti-terror squad were called in for a search operation.”

The seven individuals arrested were identified as 21-year-old Jitendra Kumar, 22-year-old Deepak Kumar, 19-year-old Anupam Soni, 20-year-old Pawan Kumar, 19-year-old Bhawani Singh, 19-year-old Rahul Kumar, and 24-year-old Lokendra Singh. All of the kidnappers are from Haryana except for Lokendra Singh, who is from Rajasthan.

Jaipur police are yet to determine whether other individuals were also involved in the kidnapping.

Victims Were Tortured While Held in Captivity

Jaipur police revealed the identities of the three rescued individuals as 19-year-old Luftan Shaikh of Mahrashtra, 44-year-old Malang Shah of Andhra Pradsh, and 36-year-old Mohammad Shazad of Rajasthan.

Deputy commissioner Sharma stated that “The gang kidnapped Shaikh and Shazad, two bitcoin traders, and demanded 80 bitcoins worth ₹8 crore (approximately $1,165,880). Shah was kidnapped two days later. The gang demanded ₹10 lakh (roughly $14,573.50) from his family members.”

Luftan and his friend Shahjad were lured to Jaipur under the guise of an offer the purchase BTC below market value via an in-person transaction, while Shah, who operates a trust, believed he was traveling to Jaipur to negotiate a contribution.

Deputy commissioner Sharma stated that the kidnappers “wanted to extort money from the trio. They held them hostage in the flat and had threatened to kill them if the demands were not met. The victims told police of being badly beaten with “belts, sticks, and other things” during their captivity, with one individual left unable to walk properly.

Jaipur police also seized “two pistols, one country-made gun and three SUVs” during the operation.