Author

Topic: How can we address wallet security on mobile devices? (Read 588 times)

sr. member
Activity: 254
Merit: 1258
mobile is not secure..
what if your phone break what if app is fake..
there are many option to use .. but to make it sure use a lot of wallet and distribute your bitcoin
You have a backup of your private key just like for your pc if your phone breaks, that isn't an issue. I wrote an article on this very subject on my blog but it was for a cold storage or a more secure wallet which relied on a cheap android phone (40$ or so dollars) and loading only the ethreum apk and using your main phone as a hotspot wifi when needed spend coin. Would mean carrying around 2 phones but you could always keep it in the glove compartment until you go shopping or out to eat.

I have read ledger has made a solution though https://www.youtube.com/watch?v=ndr4POhQntk&feature=youtu.be
legendary
Activity: 1148
Merit: 1014
In Satoshi I Trust
the danger is that some people might hold 10k in BTC on their stupid phone  Lips sealed

so we need some stuff like this i guess:

http://insidebitcoins.com/news/bitsim-turns-any-mobile-phone-into-a-bitcoin-wallet/32213
sr. member
Activity: 462
Merit: 250
www.AntiBitcoinTalk.com
mobile is not secure..
what if your phone break what if app is fake..
there are many option to use .. but to make it sure use a lot of wallet and distribute your bitcoin
hero member
Activity: 812
Merit: 1000
Just use Mycelium and treat it like a traditional wallet (don't carry more than you can afford to lose). You can even carry additional funds in the form of a paper wallet that you can import while you are out.

Is phone security really that bad? (I've never had an issue.)

This is the safest method and should be applied by everyone not only on their mobile device but to their hot wallet on their PC as well, keep small amount of money their for everyday needs and keep rest of them in a paper wallet and Mycelium is the only mobile wallet afaik which has the option to import private keys which makes it super safe imo.
legendary
Activity: 1512
Merit: 1012
You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink

Good points. I guess the ultimate answer really is just don't store large amounts of money on your mobile for long periods of time. Plan your spending and only transfer the amounts you need right now to your mobile wallet. It makes sense plus it has the added benefit of teaching people to plan their purchasing.

Exactly! We will always have this issue, on any kind of software, even if it is proven to be really secure... It might not be. Or it might be, and we'll never really know it for sure Smiley
newbie
Activity: 40
Merit: 0
You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink

Good points. I guess the ultimate answer really is just don't store large amounts of money on your mobile for long periods of time. Plan your spending and only transfer the amounts you need right now to your mobile wallet. It makes sense plus it has the added benefit of teaching people to plan their purchasing.
legendary
Activity: 2940
Merit: 1865
...

I keep about BTC0.2 in my blockchain wallet on iPhone.  So far I have never "used" it (spent it), other than receiving some BTC from an ATM in NYC (tale told elsewhere), I have not been to any cafes where I could buy anything with BTC.

So, I sent the "more than I could afford" to other wallets and just keep the +/- $50 worth of BTC on my iPhone's wallet.

Almost all the larger balance is on Ledger Nano & Trezor.
hero member
Activity: 798
Merit: 1000
Move On !!!!!!
Well mycelium works great in my opinion. Security wise it is pretty well designed in my opinion as well. I am personally using it with the Trezor and I am feeling pretty secure.

People that don't have Trezor I think can also feel secure. But that's my opinion! Everyone should judge in their opinion and use as they feel the safest.
legendary
Activity: 1120
Merit: 1012
Just use Mycelium and treat it like a traditional wallet (don't carry more than you can afford to lose). You can even carry additional funds in the form of a paper wallet that you can import while you are out.

Is phone security really that bad? (I've never had an issue.)
legendary
Activity: 1512
Merit: 1012
You can use iOS, as it is a walled garden, as people say, and it is secure enough for small quantities. You can also use an unrooted Android... same thing, secure enough for small quantities. One can also argue that a rooted Android and an advanced user is a secure combination (something more questionable).

I think current mobile OS's have enough security for mobile wallets. They're made to have just some change, after all. We can address problems by having penetration testing on software releases and continuous support/updates/teams making bug fixes... which we already have.

Don't forget most problems are between the keyboard and the chair, not the keyboard and the monitor Wink
newbie
Activity: 40
Merit: 0
There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.

Most folks are not concerned about security until they have a problem. The safest but still convenient way to use bitcoin on Android are Mycelium wallet using Trezor to hold your private keys. Yes, you have to sign each payment with the Trezor but it is not that much trouble.

I totally agree but this doesn't seem possible for the cheaper devices since some of them don't support USB2GO. For example, a friend of mine has a rooted Galaxy Tab 3 and, while the firmware supports USB2GO, the hardware apparantly doesn't. It's absolutely the most secure but is it really feasible to ask people to either buy fairly more expensive tablets plus a Trezor just to store some Bitcoin? I suppose the answer to that depends on how many Bitcoin we're talking about, but it just seems like a bit much.
legendary
Activity: 1806
Merit: 1164
There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.

Most folks are not concerned about security until they have a problem. The safest but still convenient way to use bitcoin on Android are Mycelium wallet using Trezor to hold your private keys. Yes, you have to sign each payment with the Trezor but it is not that much trouble.
newbie
Activity: 40
Merit: 0
There's no doubt about it, people want to use Bitcoin on their mobile devices and, in such a connected world, there's no particular reason that mobile woudn't be the next frontier for Bitcoin. But mobile security is a pretty scary place.  So my question is pretty simple:

In your opinion, what is the safest way to run a Bitcoin wallet on a mobile device? I don't mean a watch-only wallet, I mean a fully functional wallet.  Let's assume for this discussion that "don't" and "convince the OS makers to make security better" aren't valid answers since those don't address the need right now.
Jump to: