CoinSpot is Australia’s first ISO27001 certified cryptocurrency exchange
How do you gauge exchange security standards without being an expert?
We now present some context.
ISO27001 is the international standard for information security management. It lays out a series of best practices for managing and securing information assets.
Naturally, it's especially applicable to cryptocurrency exchanges where cryptocurrency itself is an information asset that needs to be secured.
But as of 2018, there were only an estimated 264 ISO267001 certificates in Australia. And today there is only one Australian exchange certified to that level – that's CoinSpot.
While you can follow ISO27001 standards without being certified, getting certified is how a company confirms that it is following those best practices, as verified by an accredited standards auditor.
This isn't just for the sake of impressing customers. The certification is a legitimately practical exercise for a company that wants to prove to itself that it's following information security best practices.
Gemini got ISO27001 certified in 2013 because it's frankly a bit of a show-off when it comes to anything security or compliance related.
But most exchanges wait until something bad happens before they get certified. Binance only got ISO27001 certified in September 2019, in the wake of a $40 million hack, and a couple of years ago South Korean exchanges Korbit and GoPax obtained the certification after a series of exchange hacks.
After being hacked multiple times, Bithumb decided to go for the certification.
Meanwhile in Australia
CoinSpot is unique as the only Australian cryptocurrency exchange to get certified, but it's also quite unusual internationally in that it's getting certified even though as far as anyone knows it's never been hacked.
For the end user, that certification could be a good way of separating the certifiably high-security exchanges from potential pretenders, without being a cybersecurity expert.
As we've seen from incidents like Cryptopia, QuadrigaCX and many more, all exchanges will claim to be completely secure even if they're not. You can't take exchange security claims at face value, but you can trust legitimate ISO27001 certificates.
If South Korea's certification race is any indication, Australian exchanges might start moving to keep up with the new benchmark.
But until then, it looks like CoinSpot might certifiably be Australia's most secure cryptocurrency exchange.
Disclosure: The author holds BNB, BTC at the time of writing.
- How one Bitcoin whale mangled the network
- “Got a lot wrong”: Goldman Sachs tries dissuading investors from Bitcoin
- Survey: Millennials more pro-Bitcoin now than in 2017, age 65+ less
- What old Bitcoin transfers tell us about the value of a coin
- Bitcoin prices take pessimistic tone after failing to reach US$10k