Coinbase on Monday launched Coinbase Exchange, the first regulated bitcoin exchange in the United States.
The firm raised US$75 million last week in a round of funding from new backers including DFJ Growth and BBVA Ventures, as well as existing investors Andreessen Horowitz, Union Square Ventures and Ribbit Capital.
Coinbase beat out Cameron and Tyler Winkelvoss, famed for suing Facebook, who are working on their own U.S.-based regulated bitcoin exchange, named “Gemini.”
Coinbase Exchange debuted in 24 U.S. states, but the launch was bedeviled with problems. Some pages reportedly failed to load completely, and some users had problems with access.
The exchange will undergo regular IT security and financial audits, Coinbase said. Further, 97-98 percent of customer bitcoins — depending on whether you’re reading the landing page or the security practices page — are stored entirely offline.
Sensitive data is disconnected entirely from the Internet. It is then split with redundancy, encrypted with AES-256, and copied to FIPS-140 USB drives and printed out as paper backups. The drives and paper backups are distributed geographically in safe deposit boxes and vaults around the world.
Coinbase employees undergo criminal background checks and have to encrypt their hard drives, use strong passwords and enable screen locking.
The company uses separate passwords and two-step verification with each device and service. It also uses SQL injection filters and rate-limits various actions, such as login attempts, on the site.
Passwords are hashed, application credentials are kept separate from the database and code base, and there’s a bug bounty program in place.
Coinbase is insured against hacking, internal theft, and accidental loss for more than the maximum value of bitcoins it is holding in online storage at any given time.
The insurance policy kicks in when bitcoins stored are lost or stolen due to a breach of its physical security or cybersecurity, or because of employee theft.
However, damages resulting from a specific user’s loss — such as losses caused by the user’s login credentials being compromised — are not covered. There are standard policy exclusions, such as force majeure.
Coinbase vs. Gemini
Coinbase’s exchange has the implicit backing of the New York Stock Exchange, one of its existing investors, but it’s not yet clear whether the company has sought or is seeking approval from the New York State Department of Financial Services, which is working on a set of rules known as the “BitLicense.”
In contrast, the Winkelvoss brothers are working with NYDFS to ensure Gemini complies with those regulations.
Why Bitcoin Exchanges Are Good
The round of funding Coinbase closed last week indicates that “there is venture capital out there looking to support the creation of bitcoin exchanges,” noted Claes Bell, a banking analyst at Bankrate.com.
“Having an exchange that’s under some sort of regulatory oversight that conforms to somebody’s rules is probably a good thing, as long as those rules don’t extend into cyberspace,” remarked Mike Jude, Stratecast program manager at Frost & Sullivan.
“It’s the old perfect knowledge situation. If there’s perfect knowledge associated with a system, then nobody has an advantage,” he told the E-Commerce Times. “One of the problems with bitcoin is nobody has perfect knowledge, so it’s easy for unscrupulous people to game the system.”
Issues With Bitcoin Exchanges
The real question is whether these exchanges will last, said Bankrate.com’s Bell. “Will they have the same issues with hacking and fraud that other exchanges have had in the past? And even assuming they can avoid those pitfalls, will there be real consumer demand out there for exchange services?”
Bitcoin exists “to set currency, and global commerce, free from governmental regulations and oversight,” he pointed out, and by cooperating closely with regulators, “it would seem bitcoin exchanges would be undermining that mission.”
So, Bell asked, “what’s the rationale now for bitcoin if you’re not building a techno-libertarian paradise?”