How to stay secure when shopping for hardware wallets
Obtaining a hardware wallet is a crucial step in taking self-custody of your digital assets, but if you’ve never used one, it can be daunting to shop around for the right device.
Today, there are many great models to choose from, and it’s becoming easier to buy a hardware wallet in general. Still, there are some security considerations you should know before you look around. Here’s a primer to get you started.
What’s a hardware wallet?
Hardware wallets are dedicated electronic devices for storing the private keys behind bitcoin, ethereum, and other cryptocurrency. They help you generate the necessary signatures for crypto transactions. When you’re not transacting, the devices keep your keys offline and out of reach for hackers, which is often called cold storage.
When you look around vendor websites, you may find different terms for hardware wallets: signing devices, cold storage devices, hardware keys, etc. The crypto industry is still relatively new, and much of this product terminology is evolving.
Hardware wallets have been around for nearly a decade, and today, we are lucky to have many different hardware wallets on the market that are safe and easy to use.
First, decide what you need
There are always some tradeoffs between security and convenience. It’s best to decide about these tradeoffs ahead of time before selecting a hardware wallet.
Before you buy a device, you need to know what type of assets you intend to secure on your device, so you can be sure you have the functionality you need when the time comes. Several models offer support for thousands of assets (Trezor, Ledger, Keystone) while other devices are designed with a bitcoin-only focus (Coldcard, Passport). It’s worth also noting that many devices that offer multi-asset support also allow you to use a bitcoin-only firmware if you prefer.
Next to consider are the features. For long-term holdings, we recommend devices that come with a screen instead of a blind signer with only a button or tap functionality. Screens allow you to independently verify addresses on the device itself. If you simply click a button on a blind signer, it’s harder to know what exactly you’re verifying.
Most hardware wallets today require you to plug your device into a computer, though a new wave of devices is emerging that come with a camera for scanning QR codes. This can be a convenient way to sign transactions.
Never buy a used hardware wallet
You always want to start fresh with a new device when taking cold storage of bitcoin, ethereum, and other digital assets. Because hardware wallets are your first line of defense in protecting your private key, you want to ensure your device hasn’t been tampered with. This is hard to do with an old device.
Additionally, you never want to borrow a hardware wallet from a friend. Keys are proof of ownership. Even if you have custody of the device, someone else could still have a copy of the recovery phrase, which they could use to migrate to another device. If you send crypto to someone else’s wallet, it’s best to assume it’s theirs, so stay away from pre-initialized hardware wallets.
Stop tracking in its tracks with VPNs and ad blockers
The internet is a shopping mall, and you can inadvertently share a lot of data while online shopping. It’s best to avoid telling the world you own crypto for security reasons.
Malicious actors generally assume purchasers of hardware wallets already own crypto. By using privacy tools like VPNs and ad blockers, you reduce the amount of data you share with third parties.
Buy directly from the manufacturer
The recommended way to obtain devices is to purchase straight from the device manufacturer. This ensures that you get a genuine device and a current model with access to the latest firmware updates. Many vendors work with authorized resellers, which you should verify first on their respective website before purchasing.
Looking for a shortlist of vendors? Check out this list of five hardware wallets, all of which integrate with Casa.
Avoid clicking on ads
Scammers have been known to spoof websites and buy ads for common search queries related to the crypto industry. Try to go directly to manufacturer websites by typing them in your browser. You can find links for common wallet manufacturers you can verify here.
Brick-and-mortar stores can be an alternative
Purchasing in a brick-and-mortar store can be an attractive option because it reduces the sharing of personal information. If you walked in and bought a device in-person, you could pay cash. This prevents you from sharing your credit card data and shipping address with a third party.
Stores are just beginning to stock hardware wallets, so you may have to search around to find a store that carries them. Recently, Ledger began stocking devices in big box retailers, such as Best Buy. It’s reasonable to expect other manufacturers and stores will do the same if there is sufficient demand. If you purchase a device from a retail outlet, verify that the tamper seal has not been breached.
Pro tip: Buy hardware wallets at conferences
Crypto conferences can be a handy opportunity to pick up devices. In many cases, you can purchase them at kiosks without creating a paper trail. And some sellers may even accept bitcoin or other assets. Keep an eye out if you’re traveling to a conference soon.
Always use the recommended cables
Don’t worry about tracking down cables for these devices. Most hardware wallets ship with dedicated USB cables included, and it’s best to stick to them for the long-term compatibility and stability of your device. Review your manufacturer instructions for more details.
Get better protection with multiple keys
Casa uses multiple devices to secure ethereum and bitcoin. This protects your crypto in the event your hardware wallet is lost or stolen. Get started with a multi-key vault and have peace of mind your money is safe.
Choose a plan here.
Stay current on privacy and security news
Our weekly Security Briefing newsletter provides quick updates on bitcoin and ethereum security with analysis from Casa’s experts. Sign up here.