Pages:
Author

Topic: Do Hardware wallet Manufacturers Ship to PO Boxes or Not? - page 2. (Read 659 times)

legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
I look it at closer to the fact that a single trusted user doing it as a side hustle that only deals with hardware wallets is more likely to get away with the 'I don't keep records' thing if something happens then a full service company.
Yeah, that's a fair point. I guess you would then need to weigh up the pros and cons of not having your details shared with a hardware wallet manufacturer and all their third party buddies on one hand, versus inserting a third party in to the delivery chain and the theoretical risk of supply chain attacks. And even if you trust the third party not to attack your hardware wallet, do you also trust them to be as honest as they claim with your personal details and have a rock solid security set up?

But I guess if you are like me, and are getting to that level of paranoia, then the best option is probably going to be to ignore hardware wallets altogether and use an airgapped computer instead.

I look at it more as OP-Sec then paranoia. Going with the assumption (yeah I know assumption) that a trusted user here is a low risk source for supply chain attacks then it is IMO somewhat easy to be invisible.
Disposable email -> new account -> contact shipper-> give info -> send BTC -> wait for delivery.

It could be you contacting the shipper, it could be theymos, it could be anyone, does not matter they would just need a name and address to ship to.

Taking about edge cases here, but still interesting to throw ideas around.

-Dave

hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
However, I'm not sure why Passport batch2 is not yet available from European resellers.
Are they not still at the pre-order phase? I wouldn't expect re-sellers to offer them for sale until they had confirmation from Foundation Devices that their shipment was complete and ready to go.
They are, but it should have been possible to do preorders through resellers, in my opinion.
Not sure how they handled it in batch 1, but that was a preorder, too. I believe that resellers just bought / preordered a fixed amount and - well - resold it in their stores.

What kind of delivery fees or customs/import fees would you be looking at to import to the EU from the US? And I presume a PO Box would be out of the question in such a case.
We usually need to pay VAT and import tax if it's above some threshold (like around 100 bucks). Yes, the PO box shipping is a problem when importing stuff.
Therefore I made sure to order in a different way.

Never forget!
A bar code rather than a QR code? What is this, the 90s!? Did you find that picture on Geocities? Tongue
It is the 90s! Cheesy The Perl code is actually from adam3us.
legendary
Activity: 2730
Merit: 7065
And how does it work in the EU with imports? Will there be a customs fee or import charge on top of that as well? Or is that what they mean by the tax and duty fee they've already included?
I am not sure if the customs fee is included in that estimate. Since the package comes from the USA (a non EU country), customs fees and VAT will surely be added on top of the price of the product. There might be additional charges as well. I don't have more information about what the total fees are for electronic devices such as hardware wallets. It's surely different from country to country. Maybe Buying goods online coming from a non-European Union country can help.
legendary
Activity: 2268
Merit: 18771
-snip-
Ooft. That's an extra $100 on top of what is already not a cheap device. And how does it work in the EU with imports? Will there be a customs fee or import charge on top of that as well? Or is that what they mean by the tax and duty fee they've already included?

Still, looking at the EU reseller, they are charging $335 at current conversion rates for the original Passport, while the official site is charging $260 for the new model. Guess you'll need to wait and see what price the resellers charge for the new model to see which is the better option for you.
legendary
Activity: 2730
Merit: 7065
What kind of delivery fees or customs/import fees would you be looking at to import to the EU from the US? And I presume a PO Box would be out of the question in such a case.
The official shop doesn't show clear information about the tax fees during checkout. But shipping it to the EU from the USA would cost you from $24 to $45 depending on the speed of delivery. There is also an estimation about taxes that says:

Quote
Estimated USD 53.8 tax & duty due on delivery (Tax handling fees may apply)
https://foundationdevices.com/checkout/#cfw-shipping-method
Depending on the shipping method, the tax & duty amount changes to $56.95 and $57.93.

I made a similar inquiry just to see how much it would cost to have a Foundation device delivered to a South American country. Shipping fees are $25 to $53 for Argentina. The tax and duty fees are estimated at $59 to $65 depending on shipping method.
legendary
Activity: 2268
Merit: 18771
I look it at closer to the fact that a single trusted user doing it as a side hustle that only deals with hardware wallets is more likely to get away with the 'I don't keep records' thing if something happens then a full service company.
Yeah, that's a fair point. I guess you would then need to weigh up the pros and cons of not having your details shared with a hardware wallet manufacturer and all their third party buddies on one hand, versus inserting a third party in to the delivery chain and the theoretical risk of supply chain attacks. And even if you trust the third party not to attack your hardware wallet, do you also trust them to be as honest as they claim with your personal details and have a rock solid security set up?

But I guess if you are like me, and are getting to that level of paranoia, then the best option is probably going to be to ignore hardware wallets altogether and use an airgapped computer instead.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Makes you wonder if there is a business model here of re-shipping crypto wallets.
There already exist several companies which you can use to receive mail or packages and then forward to another address without opening, such as iPostal1, Traveling Mailbox, or Anytime Mailbox. It would be preferable to use a general company which forwards any package as opposed to one which only forwards hardware wallets, for the exact reason that if the forwarding company leaks user data, then if they only deal with hardware wallets then you are back at square one.

I look it at closer to the fact that a single trusted user doing it as a side hustle that only deals with hardware wallets is more likely to get away with the 'I don't keep records' thing if something happens then a full service company. I know a lot of the mail forwarding places do keep records and have handed them over to the authorities if requested. The o_e_l_e_o re-ship service could get away with a lot more, and if you are ordering the device yourself you have 0 concern about someone shipping you a pound of meth that you then forwarded on...

Taking it a step past that you could always keep a few of the more popular ones sitting around and then just ship from stock, but when the next model comes out you might be stuck with the old one.

You would never get rich doing this, but beer money is good :-)

-Dave
legendary
Activity: 2268
Merit: 18771
However, I'm not sure why Passport batch2 is not yet available from European resellers.
Are they not still at the pre-order phase? I wouldn't expect re-sellers to offer them for sale until they had confirmation from Foundation Devices that their shipment was complete and ready to go.

What kind of delivery fees or customs/import fees would you be looking at to import to the EU from the US? And I presume a PO Box would be out of the question in such a case.

Never forget!
A bar code rather than a QR code? What is this, the 90s!? Did you find that picture on Geocities? Tongue
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
I'm not 100% sure about it, but I believe it depends more on the individual country's laws than on what the wallet manufacturer.
This, and the mail carrier they use. Note the disclaimer given on the BitBox link that Pmalek has included in his first post:

All parcels need to be processed by a local customs office in your country for international shipments. Whether they allow a PO Box/access point as the recipient address depends on each country. Please be prepared for UPS to contact you and ask for an alternative address if they cannot deliver to a PO Box in your country.
I'd advice to always order 'locally' (this usually includes whole EU if you're in the EU) exactly because of this. However, I'm not sure why Passport batch2 is not yet available from European resellers. Luckily, I can receive online orders in the US at the moment, but if all EU-based customers need to import, that would really suck.

Of course such a proposal is crazy and could never work in practice, but these are the same people who are trying to ban encryption, so I wouldn't put something equally stupid like this past them for a second.
Never forget!

legendary
Activity: 2268
Merit: 18771
Although, considering that some EU politicians and bureaucrats have visions of even stricter regulation when it comes to cryptocurrencies, I would not be surprised if Ledger and similar companies start demanding strict KYC for every customer.
Wouldn't surprise me. We know from things like AOPP and FATF documents that in the US the government want to move to a system where every address is KYC linked, and that they want all centralized exchanges, platforms, or services which allow withdrawals to personal wallets to ensure every withdrawal address is KYC linked. It's not a huge step from there to imagine them wanting a system where every wallet, software or hardware, requires KYC linking first. Of course such a proposal is crazy and could never work in practice, but these are the same people who are trying to ban encryption, so I wouldn't put something equally stupid like this past them for a second.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
~snip~
With all the time Ledger can spend integrating debit cards and instant exchangers and other privacy invading trash in to Ledger Live, you would think they could just set up their own instance of BTCPay or similar.

Maybe they would do that if they understood how important the privacy and security of their clients is. The way they tried to minimize the damage they caused to their clients when the database was hacked perhaps best shows that such things are not very important to them. Although, considering that some EU politicians and bureaucrats have visions of even stricter regulation when it comes to cryptocurrencies, I would not be surprised if Ledger and similar companies start demanding strict KYC for every customer.

A few days ago, I read that an online casino is asking for verification in such a way that the user has to take a selfie with a newspaper in his hands, in front of a sign with the name of his street and house number... Roll Eyes
legendary
Activity: 2268
Merit: 18771
For other hardware wallets I think that UPS mailboxes are better option than PO boxes in US, or simply use any alternative  delivery address.
Yet another option is to use general delivery or poste restante, where your package is simply delivered to a post office and you later go pick it up. You will still have to reveal your name, but not your address, and you can always use a post office in a completely different city/county/state to obfuscate things further.

I'm not 100% sure about it, but I believe it depends more on the individual country's laws than on what the wallet manufacturer.
This, and the mail carrier they use. Note the disclaimer given on the BitBox link that Pmalek has included in his first post:

All parcels need to be processed by a local customs office in your country for international shipments. Whether they allow a PO Box/access point as the recipient address depends on each country. Please be prepared for UPS to contact you and ask for an alternative address if they cannot deliver to a PO Box in your country.
legendary
Activity: 2730
Merit: 7065
For other hardware wallets I think that UPS mailboxes are better option than PO boxes in US, or simply use any alternative  delivery address.
Ledger's support told me that they only work with DHL in the United States, and according to them, DHL doesn't deliver packages to PO Boxes. Their suggestion is using regular mail if you are a US customer.

So therefore it would be useful to also add official (overseas, with respect to manufacturer location) resellers to the list.
For example, US-based Foundation Devices sells in EU through https://shop.btcdirect.eu/, so it would be helpful to know whether they sell through PO boxes (though they apparently don't yet sell batch 2) for EU-based customers.
Adding one or two more columns with reseller information is certainly doable. Contacting each individual reseller to ask them about PO boxes is quite the task though. I know that Ledger and Trezor have dozens of them worldwide. Since you mentioned Foundation Passport, I know they have 3 official resellers in the EU. The one you mentioned is for the UK, but there is also Cryptomaan and Bitcoin Brabant for Belgium and The Netherlands. There is also a company in Slovenia called Eventus sistemi, but they are not mentioned in the EU list. They are in a "Distributors" category at the end of the page. 
hero member
Activity: 910
Merit: 5935
not your keys, not your coins!
~
Great list, very valuable information! Unfortunately, it doesn't include information about export / import.
I'm not 100% sure about it, but I believe it depends more on the individual country's laws than on what the wallet manufacturer.

So therefore it would be useful to also add official (overseas, with respect to manufacturer location) resellers to the list.
For example, US-based Foundation Devices sells in EU through https://shop.btcdirect.eu/, so it would be helpful to know whether they sell through PO boxes (though they apparently don't yet sell batch 2) for EU-based customers.
legendary
Activity: 2212
Merit: 7064
It's strange that Keystone wallet is not supporting PO Boxes when they recently opened dedicated Amazon shop in Europe.
For other hardware wallets I think that UPS mailboxes are better option than PO boxes in US, or simply use any alternative  delivery address.
If I could choose I would always try to buy them locally in official shops.

Ledger use BitPay? Ugh. Imagine completing BitPay's KYC requirements to buy a hardware wallet. What a ridiculous security risk.
They are widely known for their ''famous'' security practices, especially when you combine BitPay kyc with millions of leaked private information  Tongue
legendary
Activity: 2268
Merit: 18771
Makes you wonder if there is a business model here of re-shipping crypto wallets.
There already exist several companies which you can use to receive mail or packages and then forward to another address without opening, such as iPostal1, Traveling Mailbox, or Anytime Mailbox. It would be preferable to use a general company which forwards any package as opposed to one which only forwards hardware wallets, for the exact reason that if the forwarding company leaks user data, then if they only deal with hardware wallets then you are back at square one.

Do you think BitPay is different from Coinbase Commerce Crypto.com Pay, for example? I assume that the same type of verification would be required by most of them.
BitPay are the worst possible payment provider in existence. While I'm not crazy about any custodial payment process, I just tried to place some test orders via Crypto.com and Coinbase Commerce out of interest. Crypto.com just ask for an email address, which can obviously be a burner, and Coinbase Commerce don't ask for anything at all. BitPay, on the other hand, require a fully KYCed account in order to place an order. which is just ridiculous, especially for a hardware wallet manufacturer.
legendary
Activity: 2730
Merit: 7065
Ledger use BitPay? Ugh. Imagine completing BitPay's KYC requirements to buy a hardware wallet. What a ridiculous security risk.
I think all of them accept crypto through one or the other service provider. I didn't check the online shops for all brands if the support agents told me exactly which crypto assets are accepted. But I think I should do that for those that are missing to ensure the info is 100% correct. Do you think BitPay is different from Coinbase Commerce Crypto.com Pay, for example? I assume that the same type of verification would be required by most of them.

I couldn't find anything for KeepKey, but here's a "tweet from Coldcard" that mentions they support shipping to P.O. Boxes on their Coinkite store.
Excellent. Thanks for finding that. I will update the info in the table.

For what it's worth, I'm glad Trezor finally partnered with a new shipping company to make this possible [it wasn't possible a few months back].
I have my doubts about the knowledge of these support representatives. They might not have the full picture, who knows. I am sure you can't ship to PO boxes in all countries, and I can swear I heard that electronic devices can't be delivered to PO boxes.

This is certainly the first I've heard of Ledger using BitPay, but it could have been that way for years and I would have never known.
If you start the ordering process in their online shop and select to pay with crypto, you will eventually be redirected to BitPay. 
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
....If the only way of buying a Ledger online is either through a KYCed fiat method or a KYC enforcing bitcoin processor such as BitPay, then you should simply never buy a Ledger online. With all the time Ledger can spend integrating debit cards and instant exchangers and other privacy invading trash in to Ledger Live, you would think they could just set up their own instance of BTCPay or similar.

Makes you wonder if there is a business model here of re-shipping crypto wallets.
[Using I / me but could be anyone]

You pay me crypto for the wallet + a fee, I order however I want and get it shipped to me I then ship it to you while never opening the original shipping package.
Yes you would have to trust me, but since I would really not care or check you could have me ship it to someone else who would then ship / give it to you.

Probably a very small market, but would help some people feel more secure that there is no real way to trace hardware wallet 'xxx' to them.

-Dave

legendary
Activity: 2268
Merit: 18771
I don't remember it being necessary before and I haven't really used that processor for a long time
This is certainly the first I've heard of Ledger using BitPay, but it could have been that way for years and I would have never known.

The only safe way of shopping left is to find a physical store, put on a cap and a protective mask and pay with cash, preferably outside the place of residence.
Agreed. If the only way of buying a Ledger online is either through a KYCed fiat method or a KYC enforcing bitcoin processor such as BitPay, then you should simply never buy a Ledger online. With all the time Ledger can spend integrating debit cards and instant exchangers and other privacy invading trash in to Ledger Live, you would think they could just set up their own instance of BTCPay or similar.
legendary
Activity: 3234
Merit: 5637
Blackjack.fun-Free Raffle-Join&Win $50🎲
Ledger use BitPay? Ugh. Imagine completing BitPay's KYC requirements to buy a hardware wallet. What a ridiculous security risk.

I don't remember it being necessary before and I haven't really used that processor for a long time - but if every customer has to do KYC just to make a payment in Bitcoin then that's just another added risk in potentially compromising the privacy of anyone buying HW.

In a way, this makes every purchase that would be made through a PO box somewhat pointless, because even though Ledger does not know our data, the payment processor can always be hacked, and then the only question is which data will leak. The only safe way of shopping left is to find a physical store, put on a cap and a protective mask and pay with cash, preferably outside the place of residence.
Pages:
Jump to: