Updated March 2022.
User Conversations Lead To Updated Safety Tips
Users tell us what’s working, what kinds of features they want to see, and about lessons they have learned on their journey of investing in cryptocurrencies. These conversations have led to the following safety tips while participating in cryptocurrency offerings.
See also our FAQ section for frequently-updated answers — now with some video tutorials.
Here are some of the top safety and security tips gleaned from our community:
- Mind the WiFi. Before logging into the Abra app, best practice is to use a trusted WiFi, like your home network, or some other option that you have a high degree of trust. It’s best to avoid public WiFi networks, like from a busy coffee shop.
- Secure your phone. Automatically lock your phone. Use two-factor authentication (2FA) for added security. Remember that your phone is part of your security chai; it connects you to your crypto wallet. Create defensible space around your phone and treat it like one part of the key to the vault where you store your cryptocurrency keys.
- Hold on to your phone. Along those lines, keep your phone in your possession at all times. Again, your phone is now part of your crypto custody chain, so treat it like a valued set of keys.
- Ensure you’ve got a clean phone. While on the topic of phones — make sure you know where your phone came from. Buying a second-hand phone off the internet or using a jailbroken phone is not advised. You want a phone where you know its full security history and have confidence that you are the only one in complete control of what’s going on behind the scenes.
- Mind your hardware ports. One of the biggest risks and simplest ways to breach a phone’s security is through a hardware port. To ensure safety, make sure you either disable hardware ports or at least be aware of your external hardware connections.
- Avoid web-based exploits. Stop visiting sketchy websites, on your phone at least. You are probably already aware that these websites can be a backdoor into your devices and a way for bad actors to steal critical identifying information, arrange social engineering, and other kinds of attacks and takeovers.
- Get authentic Abra. Only download Abra through the Apple App store or from Google Play. Any other website or service that instructs you to download Abra is a fraud and is likely trying to steal your funds or start transacting on your behalf. If you see any suspicious Abra impersonators out there, please let us know at [email protected].
Abra app security and 2FA
We frequently get questions about why Abra doesn’t have two-factor authentication at the level of the app. The most straightforward explanation is because Abra only exists on your phone (or more accurately, your phone is what connects you to your assets on the blockchain).
So, if your phone is already compromised, sending a receiving a text confirming your ID to enter Abra wouldn’t work as a security measure.
The biggest takeaway from all of this is that you should try to keep your potential attack surfaces minimal. A big portion of these security threats can be managed by just beginning to think differently about your phone or mobile device.
Instead of merely a portal to the internet, think of it like a wallet or safe deposit box.
Keep in touch, and let us know if you have any other security-related questions or comments by emailing [email protected].
Established in 2014, Abra is on a mission to create a simple and honest platform that enables millions of cryptocurrency holders to maximize the potential of their assets. Abra enables both individuals and businesses to safely and securely buy, trade, and borrow against cryptocurrencies – all in one place. Abra’s vision is an open, global financial system that is easily accessible to everyone.
Based in the United States, Abra is available in over 150 countries and makes it easy to convert between crypto and a wide variety of local fiat currencies. With over 2MM customers, $7B in transactions processed, and $1.5B in assets under management, Abra continues to grow rapidly. Abra is widely loved and trusted – in April 2022, pymnts.com reviewed and rated Abra amongst the top 5 most popular crypto wallets in the market. Abra is backed by top-tier investors such as American Express Ventures and First Round Capital.
How Abra Protects Your Funds
Abra places clients’ financial objectives and security first. Abra practices a culture of risk management across all levels and functions within the organization.
Abra employs a state-of-the-art enterprise risk management framework that comprises a comprehensive set of policies, procedures, and practices detailing all applicable risk-related objectives and constraints for the entirety of the business. Abra has instituted a complete set of requisite systems and controls that continuously enforce these policies, procedures, and practices to manage all operations, including credit and lending. Abra’s independent Risk Committee comprises experienced compliance, risk, securities, and fraud operations professionals with backgrounds in industries ranging from traditional and digital assets banking, payments, remittance, to fintech.
Please visit our FAQ to learn more.
Harriton647 days ago
How does verification change when I change my nationality (hence changing ID). How would I update my Abra account
JEFF1697 days ago
I don’t buy “sending a receiving a text confirming your ID to enter Abra wouldn’t work as a security measure.”
Say if someone were to get ahold of your recovery phrase and recovers your wallet, they would still need to use 2FA to move your funds which they could not.
Daniel McGlynn1696 days ago
Since Abra is a non-custodial wallet, your recovery phrase is pretty much the key to your kingdom. If that’s compromised then a bad actor could sweep your assets to another wallet or platform. The main point is that if there is a security breach at that level, then there’s not too much that 2FA could protect against. That being said, security is very important to us. We will continue to work on security enhancements and improvements.