Security of assets has become one of the biggest concerns for crypto investors, especially since the Terra (Luna) debacle of last month. Amid a global crypto market meltdown, investors these days are wary of crypto exchanges and trading platforms as many of them often get hit by frauds and scams.
In an email interaction with financialexpress.com, Tigran Gambaryan, VP, Global Intelligence and Investigations at Binance shares how the world’s largest crypto exchange handles security issues to protect the interest of its users. Edited excerpts:
Have you come across frauds on the Binance platform? How do you handle them?
Binance’s security and investigations team has dealt with many different types of fraud and scams over the years. Binance actively monitors for and has successfully identified different exchangers, nested services, as well as individual accounts associated with criminal and terrorist activity as part of our ongoing Bulletproof Exchanger Project.
We identify suspicious activity through our AML detection system which uses signal intelligence techniques. We also analyze the connections to other exchangers and nested services typically used by criminal and terrorist groups. We also partner with public law enforcement and private sector AML organizations to monitor suspicious activity. From the initial seed of accounts provided by our partners, we conduct investigations that enable us to expand the suspect network by identifying other connections or indicators of compromise.
Finally, Binance goes above and beyond industry standards to detect bad actors through proactive measures and collaboration with public and private sector stakeholders. We proactively block users from sanctioned regions and do this through KYC and a variety of KYC/AML tools and vendors, including, but not limited to, Jumio, Onfido, WorldCheck, Elliptic, and CipherTrace.
How many attacks were there this year and how did you handle them?
As mentioned above, Binance’s security and investigations team has dealt with various types of fraud and scams over the years, including attacks from hackers. For security reasons, we cannot disclose specifics about these attacks.
Binance has a 150-strong security and investigations team. We lead the industry in solving the toughest security problems and work across the public and private sectors to increase the overall hygiene of the crypto ecosystem. One of the ways Binance does this is through a collaborative partnership with law enforcement agencies around the globe daily. We participate in law enforcement working groups targeting ransomware, human trafficking, and nation-state hacking.
Binance is also investing significantly in capabilities, especially on the security and investigations front. We employ sophisticated blockchain analysis tools, darknet research software, data analysis, and screening tools. Our team also continues to grow, adding the best investigators in the crypto space from across the globe.
We have many former law enforcement agents and federal investigators in our team, including myself who was formerly a special agent of the Internal Revenue Service-Criminal Investigation (IRS-CI) Cyber Crimes Unit in Washington, D.C. Most recently, we appointed Jarek Jakubcek, a leading global expert in cybercrime and former cryptocurrency specialist from Europol, as the Head of Intelligence and Investigations for the Asia Pacific region. This is a testament to the quality and talent within our investigations team.
What’s your view on the crypto concerns raised by RBI and the Government of India?
At Binance, we welcome the recent efforts to build a regulatory framework for crypto and virtual assets in India. We look forward to engaging with the relevant stakeholders to share regulatory best practices and kick off productive discussions around regulatory and tax frameworks that help adhere to fundamental market principles while achieving the goals of investor protection and market development.
We also believe there should be a collaborative approach across nations to define the right set of rules and guidelines for this space, as Prime Minister Shri Narendra Modi mentioned at a recent conference.
How safe are investors’ assets on Binance?
We are committed to ensuring compliance and protecting users globally. There are several initiatives that Binance has taken to ensure that users’ assets are safe on the Binance platform.
Binance is the first exchange with a secure fund to safeguard users in extreme cases, also known as SAFU Fund. The Secure Asset Fund for Users valued at $1 Billion in January 2022. SAFU is specially established by Binance to protect user interests. There are also additional platform-level security measures that Binance is keeping.
Binance’s risk management system monitors every withdrawal attempt, password reset, two-factor authentication reset and email address change in real-time. Also, Binance’s wallet and personal infrastructure feature advanced security measures, including multisig and threshold signature schemes (TSS). Binance protects user data, personal information and KYC information encrypted in a data storage. You can find more of our user protection efforts here.
Binance is also the first in the blockchain and cryptocurrency industry to join the National Cyber-Forensics and Trading Alliance (NCFTA). NCFTA identifies, validates, mitigates, and neutralizes cybercrime threats. Through the strategic partnership, NCFTA develops and shares threat intelligence in the international effort to combat and defeat cybercrime.
Are crypto exchanges doing enough to educate users against frauds?
Information and education are among the best defenses against fraud and scams. Closing the knowledge gap is an essential factor when it comes to crypto. Users have the right to accurate information on crypto assets, without fear of falling victim to unfair or deceptive advertising.
Through educational initiatives such as Binance Academy, Binance is dedicated to helping educate users on basic crypto practices, including wallet hygiene. Binance Academy is an open-access blockchain and crypto learning portal that hosts free educational resources in over 20 languages.
Binance also recognizes that as an industry leader, it is our fundamental responsibility to work with regulators to ensure that the industry protects users’ interests. As a company, we believe that a well-regulated crypto market provides greater protections for everyday users.
What does Binance do to protect traders from irresponsible trading behaviour?
Binance has a responsible trading program, which educates and reminds users to trade responsibly. We are the first exchange that has ever implemented this kind of program.
Binance has established several procedures to remind traders of impulsive trading behavior. For instance, when a trader experiences a losing streak or suffers a heavy loss, we continuously remind them of the risk involved in derivatives trading and encourage them to hold back on trading activities.
To encourage self-discipline and responsible trading, Binance launched the Cooling-off Period function for users to temporarily disable derivative trading activities and abstain from compulsive trading behavior.
The Cooling-off Period function is also available on margin trading. Margin traders can temporarily suspend margin-trading-related activities including isolated or cross-margin trading, and the borrowing of cryptocurrencies for a specific period.
What should Binance users do to ensure their funds are safe?
We keep users at the center of our decisions and prioritize their experience, security, and privacy above all else. While we do everything to keep accounts on our platform secure, users also have the power to greatly increase the security of their accounts.
Users can take seven simple steps to make sure that their cryptocurrencies are safely stored on Binance:
- Use a strong password and change it regularly
- Enable Two-Factor-Authentication (2FA)
- Check the list of devices authorized to access your account
- Manage your withdrawal addresses
- Learn about phishing and watch out for such scams
- Follow AP security guidelines
- Use Universal 2nd Factor (U2F) authentication
Binance is facing probes in countries like the US. What would you tell Indian users in the wake of such probes?
As the industry has grown at a rapid pace, Binance has been working very diligently to educate and assist law enforcement and regulators in the US and internationally, while also adhering to new guidelines. We will continue to meet all requirements set by regulators.
(Cryptos and other virtual digital assets are unregulated in India. They are considered extremely risky for investment. Please consult your financial advisor before making any investment decision)