From Microsoft to AT&T to Home Depot, more companies are accepting cryptocurrency as a way to pay for products and services. This makes perfect sense as crypto coins are a viable revenue source. Perhaps the time is ripe for businesses to learn how to receive, process and convert crypto payments into fiat currency.

Still, many questions remain. How can you safely enable customers to pay with Bitcoin or other digital currency? What are the security risks that come with cryptocurrency? Let’s find out.

Who Accepts Payment in Bitcoin?

Some of the biggest brands on earth (Microsoft, PayPal, Mastercard, Starbucks, AT&T and Amazon) now accept cryptocurrency as payment. Also, up to a third of small businesses accept payment in Bitcoin. Now, you can’t go up to the counter at Starbucks and pay for your latte in crypto. But you can link the Bakkt crypto application to your Starbucks app and pay from there.

Meanwhile, Microsoft lets you redeem Bitcoin to fund your account balance to make purchases online.

How to Accept Payment in Bitcoin

There are two ways to accept cryptocurrency, and each method has its own security risks. Crypto wallets are like real-world wallets. That is, they are a place to privately store your cash. Cryptocurrency exchanges or payment gateways are third-party platforms that enable crypto transactions. Let’s look at each one, crypto wallets and crypto exchanges, separately.

Cryptocurrency Wallet

A cryptocurrency wallet is an app or device that enables you to store and retrieve all your cryptocurrency. The software version of crypto wallets goes by the name ‘hot’ wallets. You can also purchase a ‘cold’ wallet device (USB stick). To receive a crypto payment, you simply direct the sender to the unique public cryptographic address issued by your wallet. You can enable payments by QR code or by entering the crypto coin address.

Crypto wallets are freestanding apps or devices that do not always require an exchange to store or receive funds. Setting up your crypto wallet involves selecting a password and receiving a wallet-generated ‘seed phrase.’ If you forget your password or lose your wallet device, the seed phrase can recover on-chain funds. But if you also lost or forgot the seed phrase, your coins could be lost forever.

Crypto wallet security issues include:

  • Forgetting passwords and seed phrases could lead to the permanent loss of all funds
  • Theft or damage of wallet devices or computers with wallet software could lead to loss of currency
  • While difficult, it is possible to break into hardware crypto wallets
  • Payments remain anonymous as the transaction occurs on the blockchain only
  • Phishing attacks trick victims into giving up credentials on fake software wallet platform sites. If a hardware wallet is plugged in, compromised credentials could also lead to theft of funds.
  • Malware can detect saved cryptocurrency addresses on a computer and replace them with an attacker’s wallet addresses. This leads to a diversion of funds to the attacker’s wallet.

Seed Phrase Security

Seed phrase security is a big deal. Imagine if you have millions of dollars stored in your wallet. If anyone stole your seed phrase, they could empty your wallet. Some say to write it on a piece of paper and lock it in a safe deposit box. Others say to secure your seed phrase in encrypted files online. However, an attacker can exfiltrate your online files if they steal your credentials.

What Are Burner Crypto Wallets?

For those very concerned about security, some set up crypto burner wallets that could be used for an individual or group of transactions. These simple, less technical apps are fully functioning wallets with no seed phrases. Burner wallets can be used for trade shows, conventions or even for daily business. The funds can then be transferred to your main wallet, and the burner wallet could be discarded at the end of the day.

Cryptocurrency Payment Gateway and Exchange

A cryptocurrency exchange is a digital platform that enables users to sell or buy digital currency or convert fiat currency into digital currency. Exchanges may also offer a web-hosted crypto wallet. Many exchanges enable you to link your physical wallet or third-party wallet application to your exchange account. One component of a cryptocurrency exchange is the payment gateway, which is a payment receiving and processing app.

The main advantage of a crypto exchange is convenience. For example, to receive funds in a crypto wallet it must have the capability to accept each type of coin. So if someone wants to pay you in Ether, but your wallet only accepts Bitcoin, you’re out of luck. Plus, crypto wallets can’t convert one currency to another. But exchanges can accept payment from many types of coins, then convert them instantly to another coin or fiat currency. Exchanges also provide API and e-commerce integration solutions.

Some security concerns associated with crypto exchanges include:

  • If the exchange gets infected with malware, the attacker potentially has access to all the wallets on the exchange
  • Exchanges have a wider attack surface. For example, any employee of an exchange could have their credentials compromised, thus exposing the entire exchange.
  • Threat actors posing as customer service could lure targets into giving up wallet access
  • The U.S. government could sanction the cyber currency exchange if it has been linked to ransomware payments
  • Crypto exchanges are open to any software vulnerabilities hidden in their APIs or integrations
  • Embedded in legitimate-looking apps, crypto Trojans let attackers steal sensitive cryptocurrency information, including user credentials, personal information and current balance.

How to Get Paid in Cryptocurrency Safely

Upon reviewing the risks, you might be apprehensive about accepting cryptocurrency payments. However, conventional online banking is not immune to risk either. For example, the crypto Trojan mentioned earlier infected banks as well. Plus, phishing attacks can occur nearly anywhere online. In all cases, strong security, which includes encryption and multifactor authentication, should be standard for any crypto platform you use.

For maximum cryptocurrency protection, a physical wallet may be the way to go. You could even use a crypto exchange to manage daily business, like a burner wallet, and then transfer funds to your cold wallet at the end of the day. Meanwhile, ongoing developments in regulation are also helping to identify cyber currency threat actors.

more from Banking & Finance

What Do Financial Institutions Need to Know About the SEC’s Proposed Cybersecurity Rules?

On March 9, the U.S. Securities and Exchange Commission (SEC) announced a new set of proposed rules for cybersecurity risk management, strategy and incident disclosure for public companies. One intent of the rule changes is to provide “consistent, comparable and decision-useful” information to investors. Not yet adopted, these new rules – published in the Federal Register on March 23 –…

SEC Proposes New Cybersecurity Rules for Financial Services

Proposed new policies from the Securities and Exchange Commission (SEC) could spell changes for how financial services firms handle cybersecurity. On Feb. 9, the SEC voted to propose cybersecurity risk management policies for registered investment advisers, registered investment companies and business development companies (funds). Next, the proposal will go through a public comment period until May 9.  The Importance of…