You’ve probably heard plenty of news stories about viruses, ransomware, and other digital nasties that can lift your data and ruin your life. It seems like in our interconnected world, there’s always a hacker lurking somewhere nearby, even if they’re on the other side of the world, which means that if your Bitcoin wallet is sitting on a computer that gets compromised then somebody that you have no hope of finding could get at your private keys. If a hacker gets remote control of your computer and they get your private keys then you have effectively lost control of your crypto coins, because the intruder would then be able to move them elsewhere.
You could try using antivirus software because it’s usually pretty good at protecting your digital assets, but honestly, it isn’t always enough to guarantee that your machine will be safe. The problem is that some malware can trick the detection software into thinking that it’s a legitimate program, so it’s then free to run on your system with impunity.
Cryptocurrency hardware wallets are always going to be a far safer option than even the best software because there is simply no way of accessing them other than by being in the same room.
A hardware crypto wallet is a computer that’s been stripped down to its absolute basics. It has a couple of buttons and a small screen, and all it can do is sign transactions and store keys. Crypto hardware wallets usually look like USB devices, so in comparison to many modern systems they are quite primitive, but that’s to their advantage. The thinking behind this approach is that the more complexity you introduce to a device, the more chances a bad actor has of bypassing its security features—the simpler a device, the harder it is to hack.
- How Do Hardware Wallets Work?
- Hardware Wallets – Seed Phrase
- Top Crypto Hardware Wallets
- Crypto hardware Wallets Vulnerabilities
- Top Crypto Hardware Wallets
A simple crypto hardware wallet that isn’t connected to any network and is going to be impossible to compromise. This security method is known as ‘cold storage’, but there are hardware wallets that do connect to the Internet available too, and they are known as ‘hot wallets’.
How Do Hardware Wallets Work?
Since crypto hardware wallets are so simple, they are only able to sign transactions. They can’t prepare the transaction and send it to the network. Since that is something that you are going to need to do, you’ll have to hook your device up with your PC and run some software that can talk to it and get your transaction ready for signing.
Cryptocurrency hardware wallets will only permit certain data types to be used. When crypto hardware wallets receive a transaction from this ‘go-between’ program, they sign it themselves (not on the computer) and send it back. This means that your private key doesn’t leave the hardware wallet at any stage. The only thing in transit is the unsigned and signed transaction.
This simplistic approach allows cryptocurrency hardware wallets to be used with any computer, even a public one. The main consideration to keeping your crypto coins safe is to ensure that transactions you see on the PC screen match the one on the cryptocurrency hardware wallet’s screen.
Hardware Wallets – Seed Phrase
It’s relatively easy to set up a hardware wallet. You’ll need to write down some words that you’ll be given when you first start up the device. These words also go by the names of mnemonic phrases or seed phrases, and they’re what you need to restore any private keys that your crypto hardware wallets create. Anybody with access to these can control your cryptocurrency, so keep your seed phrase very safe.
Top Crypto Hardware Wallets
Twelve or more companies currently offer cryptocurrency hardware wallets and the top three at the moment are Ledger, TREZOR, and KeepKey. Each of them works in a slightly different way, so let’s take a look at what they do.
Trezor was launched early in 2014, and as the original cryptocurrency hardware wallet, it offers support for more than 1,000 crypto assets. Trezor runs on open-source software and hardware, with two models available: the Trezor One and the Trezor Model T. The Trezor One is the more affordable of the two, and is one of the biggest hardware wallets in the world. The Model T is designed to offer support for more cryptos than the Trezor One, along with extra security features. This model is also equipped with a user-friendly LCD touchscreen — that’s a significant UX improvement over the traditional button-based controls of the Trezor One.
Ledger was also established in 2014, and has become one of the most well-known providers of hardware wallets for crypto users. Ledger wallets are recognized for their user-friendly design, as well as their support for more than 1,250 cryptos. Ledger’s initial, most cost-effective wallet, Nano S, is capable of running three to six applications simultaneously. But the Nano X, available at a higher price point, is Bluetooth enabled and supports as many as 100 apps. Ledger takes security seriously, too: it integrates a certified secure chip for hosting private keys, while a custom OS (BOLOS) is designed to safeguard against attacks. BOLOS also keeps apps isolated from one another for further protection.
BitBox (now BitBoxo2) is a hardware wallet created by Shift Crypto, known for its minimalist approach. BitBox utilizes touch sensors capable of recognizing slide, hold, and tap gestures, providing a novel way to navigate or enter passwords. A display is included to verify transactions accurately. BixBox includes a secure chip that offers protection for recovery phrases, and instant backups to microSD can be managed via the BitBoxApp. This dashboard app is available on Android, macOS, Linux, and Windows. Two versions of the BitBox wallet are available: there’s a Bitcoin-only model and a Multi model. The latter offers support for Bitcoin, Litecoin, Ethereum, and ERC20 tokens.
Opendime was created by CoinKite. It’s a read-only USB drive hardware wallet able to store cryptocurrencies, though it’s more likely to be referred to as a Bitcoin Stick or a Bitcoin Bearer Instrument. With Opendime, there’s no support for digitally spending or receiving BTC. However, it enables you to spend BTC just as you would fiat coins. So, rather than making digital transactions, you’re able to pass ownership of the USB device to the recipient as you would when paying with cash. This drive works with any smartphone, laptop, or computer. Its text files and QR images carry the information required for transactions (e.g. addresses). Users often complement Opendime with ColdCard (see below), though it’s not essential.
This is another product from CoinKite, but for Bitcoin only. Coldcard mixes an open-source system and a secure element to deliver protection of the highest standard. Coldcard is regarded as the only hardware wallet offering an option to never require connection to a computer to operate at its fullest, for everything from generating seeds to signing transactions. This wallet features an integrated microSD slot for storage of data and reliable backup. Coldcard has a clear OLED screen (128×64 pixels) presenting all the vital information you need on transactions. The full-sized numerical keypad allows you to enter PINs easily and quickly. As a result, this wallet is user-friendly and suitable for all, from the greenest newcomer to the seasoned trader or HODler.
KeepKey, from ShapeShift, is a crypto hardware wallet providing support for in excess of 40 cryptocurrencies. This device features a sizable display for total transparency, and all transactions are required to be approved manually by tapping the confirmation button. When transactions are approved, assets will be exchanged via the wallet’s integration with the ShapeShift trading platform. KeepKeep includes PIN protection for security purposes, and enables you to create and manage private keys offline. Backup and recovery tools are also available, with straightforward functionality.
The Archos Safe-T mini is a French-made hardware wallet developed to be compatible with over 75 percent of cryptocurrencies on the market today, such as Bitcoin Cash, Bitcoin Gold, Bitcoin, Dash, Litecoin, Ether, ERC20 tokens, and many more. The Archos team continues to work on incorporating support for new cryptos, too. You can connect the Safe-T mini to a mobile or computer via a micro USB cable. An open-source system, based on Trezor’s proven software, powers the Safe-T mini.
SecuX’s series of hardware wallets includes multiple models: the V20, W10, and the W20. Each of these is equipped with a quality 2.8-inch color touchscreen, so they’re easy to use and enable you to confirm transactions physically. You can also double-check for potential mistakes before processing payments easily. SecuX implements a military-grade SE (Secure Element) for protecting private keys as well as your PIN code. The SecuX hardware wallets offer support for various cryptocurrencies, including Bitcoin, Ethereum, Litecoin, ERC20 tokens, and many others. You can connect SecuX wallets to a desktop computer through Bluetooth or USB, and to mobile devices through Bluetooth. The business responsible for this project, SecuX Tech, is known for a number of other products, such as their payment cloud, payment module, and their payment terminal.
CoolWallet (or the CoolWallet S) is a crypto hardware wallet the size of a credit card. This can connect to your devices through Bluetooth, and offers support for popular cryptocurrencies, stablecoins, and ERC20 tokens. Private keys are stored in a certified secure element for peace of mind, and all transactions are safeguarded with the 2+1 factor authentication. You’re required to verify your identity before you can send cryptocurrencies, but you can do this through your phone’s fingerprint or facial ID function. You’ll then push a button on the CoolWallet card when ready to process the transaction. You can get the CoolWallet app for Android and iOS devices. It includes a portfolio tracker, and offers integration with Changelly and Binance DEX.
This is the first hardware wallet to receive backing from the Binance exchange, and includes a secure crypto element and EAL 5+ financial grade crypto chip to keep your private keys safe. SafePal runs completely offline to help eliminate the risk of attacks via Wi-Fi, USB, Bluetooth, NFC, etc. Multi-layer security schemes offer further protection, as do the embedded self-destruct and key-erasing mechanisms. With SafePal, you also get support for Ethereum, Bitcoin, ERC20, TRC10, and TRC20 tokens.
This small HD hardware wallet resembles a small USB device, and provides Ethereum, Bitcoin, XRP, and ERC20 token support. Secalot also includes an OpenPGP smart card, along with key security features such as the one-time password generator and U2F authenticator. Secalot operates on an open-source system, using a secure microcontroller with high-performance cryptographic co-processor. It’s no surprise that Secalot functions on every major operating system, including Linux, Windows, and macOS. It also offers support for P2SH, P2PKH, and segWit transactions. You can integrate Secalot with the Electrum wallet if you have that too, as well as the MyEtherWallet and XRP Toolkit wallets.
Cobo Vault Ultimate is crafted from high-strength aluminum alloy. As a military-grade wallet, Cobo Vault Ultimate delivers impressive high security: it’s completely air-gapped, so upgrades must be installed through a microSD card, and all keys are kept on the bank-grade encryption chip. If the Cobo Vault Ultimate hardware wallet ends up in untrustworthy hands, it’s capable of self-destructing to protect your assets. It also includes a four-inch touchscreen and offers support for a dozen cryptocurrencies. Support is also available for an increasing roster of TRON, EOS, and ETH tokens. The Cobo Vault Ultimate hardware wallet supports staking, too. You can choose from two more affordable models: the Cobo Vault Pro and Cobo Vault Essential. They offer some, but not all, of the features discussed above.
D’CENT produces a number of hardware wallets, such as a biometric wallet and card wallet. The D’CENT Biometric Wallet is believed to be the premier Bitcoin smart contract-ready hardware wallet supporting both the RSK and RRC-20 ecosystems. D’CENT Biometric Wallet operates through an in-built fingerprint scanner offering guaranteed enhanced access control, and allows for transactions to be signed quickly. The D’CENT Card Wallet enables you to just touch it to an NFC-capable mobile device for managing crypto assets from the Wallet App directly. D’CENT devices feature high-quality OLED displays of 128×128 pixels, enabling you to verify accounts and transaction details quickly.
Ellipal is a blockchain tech organization with headquarters in Hong Kong, known for the Ellipal Titan hardware wallet. This device is anti-tamper, trustless, and air-gapped. It offers support for Ethereum, Bitcoin, EOS, Litecoin, Tron, Verge, Cardano, ERC20, TRC10, BEP, and TRC20 tokens. The slick design is a combination of a large touchscreen and a metallic case, providing impressive durability and convenience. You can use the wallet in full network isolation, and it’s incapable of connecting to other networks or devices. The Ellipal Titan wallet has zero ports or online components, so it provides full protection against online or remote attacks. It can be integrated with the Binance DEX.
Bitfi (or Bitfi.2) is an open-source crypto hardware wallet, with a 3.95-inch touchscreen. It’s Wi-Fi enabled, providing support for leading cryptocurrencies, ERC20 tokens, and numerous altcoins. Bitfi offers no storage for private keys, unlike alternative hardware wallets. Instead, you can send crypto assets by entering a “salt” and a secret passphrase. The wallet will then create private keys for you, so it’s not storing data. Essentially, this works like a calculator. But anything you type into this, or that’s calculated, will be written over straight away.
This wallet is the size of a credit card, and offers support for all of the major cryptos, as well as ERC20 tokens. Security comes courtesy of two-factor authentication or questionnaire, while multi-signature transactions are supported too. You can check balances, exchange crypto assets instantly through the Walahala Exchange, and perform transactions via QR code, all through the dashboard app. Innovative Plasma Core Technology powers the exchange, and trades are facilitated by burning Walahala coins.
XZEN is a cold wallet designed to deliver advanced functionalities and an intuitive user interface. This crypto hardware wallet works with all of the leading operating systems, such as Android, macOS, Windows, and iOS. You can interact with XZEN through the color high-res LCD IPS screen, so it’s easy to operate, and the in-built fingerprint authentication keeps you as the only user with access to your private keys. You can also expect wireless charging, an NFC chip, and support for Bluetooth 4.2 with XZEN.
MIRkey is a FIDO Certified Bitcoin wallet and security key, created by ellipticSecure. This IT business is recognized for its specialist work in the design and manufacture of HSM (Hardware Security Modules). MIRkey is also an IDO Certified L1 authenticator, supporting U2F (CTAP), CTAP2, 2FA TOTP, and other protocols. This crypto hardware wallet works with all web services utilizing Webauthn, FIDO2, 2FA TOTP, or U2F codes. This Bitcoin wallet also supports (BIP32) with an Electrum plugin, and it works with OpenVPN (as well as alternative VPN providers) for extra security. MIRkey provides OpenSSH support to keep SSH keys secure. You can use MIRkey with macOS, Windows, and Linux.
Keevo is the creation of BitKey Technologies, Inc., based in San Francisco. This crypto hardware wallet provides support for major cryptocurrencies, and includes a dual-chip architecture supported by a pair of triple-core secure processors for your peace of mind. The impressive display and rechargeable lithium-ion battery are nice touches, too. With Keevo, you can also take advantage of the integrated multi-sig and multi-factor authentication features. Air-gapped security and embedded fingerprint sensor safeguard against potential risks. This wallet also utilizes the unique Keevo Carbon Key feature: this eliminates the requirement for paper seed phrases. The in-built threat detection and countermeasure protection systems provide further defense against security risks, too.
Sugi is a combination of a payment cad and a mobile app, distinguishing it from standard USB-connected wallets. You can sign transactions by tapping the Sugi card against any NFC-enabled mobile device and typing your PIN. The app is capable of checking balances, creating payments, and reviewing transactions. You can download this on Android and iOS devices. Sugi supports many of the leading cryptocurrencies such as Bitcoin, as well as an expanding ERC20 token list. Your private keys are secured in cold storage, and the Sugi card can be customized (as with most payment cards). You will be able to make in-store purchases and withdraw from ATMs with Sugi in the future, too.
Crypto hardware Wallets Vulnerabilities
It’s possible that someone could interfere with the crypto wallet you ordered before it arrives at your home address. To mitigate this possibility, decent manufacturers add a holographic sticker which proves that it hasn’t been tampered with.
If your wallet arrives and this isn’t the case, then you shouldn’t use it. Some indeed have their own built-in test to see if they’ve been compromised, but with so much at stake, it’s better to be safe than sorry. Also, consider only buying crypto hardware wallets straight from the manufacturer, and if you do go with a reseller then satisfy yourself that they are trustworthy—ask the manufacturer to vouch for them first.
Preconfigured Seed Phrase
Your wallet should randomly create your seed phrase during the initial setup. It isn’t sent to you with your order. There has been a case where someone received a crypto hardware wallet and used the pre-arranged seed phrase that came with it. The seller was a criminal who was then able to get into the wallet with their copy of the phrase and make off with the buyer’s coins.
Evil Maid Attack
Anybody who sneaks off with or gets into your cryptocurrency hardware wallets without your permission is perpetrating what’s known as an ‘evil maid attack’. That’s why PIN protection is usually included as standard. It stops the thief from getting in and purloining your crypto.
If you are unfortunate and your device gets swiped, then don’t despair. You can still use your seed phrase to get your cryptocurrency back and move the coins to different cryptocurrency hardware wallets with other seed phrases. This will retrieve all of the funds and restore your coins to your control.
The $5 Wrench Attack
This refers to a situation where you are threatened in person by someone who wants you to give up your PIN. To defend against this, TREZOR is one manufacturer that lets you add an extra layer of protection with a passphrase. This is a phrase you add in addition to the PIN code. The beauty of it is that you don’t just have one passphrase. You could set up another account under a different passphrase that only holds a small amount of cryptocurrency, and you can make this the only one that’s visible. The person waving the five-dollar wrench at you will hopefully be satisfied that you’ve unlocked your wallet and transferred what’s in it to them.
Conclusion – get crypto hardware wallets if you like keeping your money safe
Cryptocurrency hardware wallets will cost you up to $100, and not getting this kind of protection could cost you an absolute fortune. It would probably cost you at least that much to have somebody put a new lock on your front door, so if you value the money in your account as much as you value your front door, then a crypto hardware wallets is a no-brainer.
The TREZOR One and the Ledger Nano S are two top choices, but as we said, remember to buy only from the company itself or authorized resellers. Going the eBay or Amazon route is usually the most economical one, but not in this case!