From Microsoft to AT&T to Home Depot, more companies are accepting cryptocurrency as a way to pay for products and services. This makes perfect sense as crypto coins are a viable revenue source. Perhaps the time is ripe for businesses to learn how to receive, process and convert crypto payments into fiat currency.

Still, many questions remain. How can you safely enable customers to pay with Bitcoin or other digital currency? What are the security risks that come with cryptocurrency? Let’s find out.

Who Accepts Payment in Bitcoin?

Some of the biggest brands on earth (Microsoft, PayPal, Mastercard, Starbucks, AT&T and Amazon) now accept cryptocurrency as payment. Also, up to a third of small businesses accept payment in Bitcoin. Now, you can’t go up to the counter at Starbucks and pay for your latte in crypto. But you can link the Bakkt crypto application to your Starbucks app and pay from there.

Meanwhile, Microsoft lets you redeem Bitcoin to fund your account balance to make purchases online.

How to Accept Payment in Bitcoin

There are two ways to accept cryptocurrency, and each method has its own security risks. Crypto wallets are like real-world wallets. That is, they are a place to privately store your cash. Cryptocurrency exchanges or payment gateways are third-party platforms that enable crypto transactions. Let’s look at each one, crypto wallets and crypto exchanges, separately.

Cryptocurrency Wallet

A cryptocurrency wallet is an app or device that enables you to store and retrieve all your cryptocurrency. The software version of crypto wallets goes by the name ‘hot’ wallets. You can also purchase a ‘cold’ wallet device (USB stick). To receive a crypto payment, you simply direct the sender to the unique public cryptographic address issued by your wallet. You can enable payments by QR code or by entering the crypto coin address.

Crypto wallets are freestanding apps or devices that do not always require an exchange to store or receive funds. Setting up your crypto wallet involves selecting a password and receiving a wallet-generated ‘seed phrase.’ If you forget your password or lose your wallet device, the seed phrase can recover on-chain funds. But if you also lost or forgot the seed phrase, your coins could be lost forever.

Crypto wallet security issues include:

  • Forgetting passwords and seed phrases could lead to the permanent loss of all funds
  • Theft or damage of wallet devices or computers with wallet software could lead to loss of currency
  • While difficult, it is possible to break into hardware crypto wallets
  • Payments remain anonymous as the transaction occurs on the blockchain only
  • Phishing attacks trick victims into giving up credentials on fake software wallet platform sites. If a hardware wallet is plugged in, compromised credentials could also lead to theft of funds.
  • Malware can detect saved cryptocurrency addresses on a computer and replace them with an attacker’s wallet addresses. This leads to a diversion of funds to the attacker’s wallet.

Seed Phrase Security

Seed phrase security is a big deal. Imagine if you have millions of dollars stored in your wallet. If anyone stole your seed phrase, they could empty your wallet. Some say to write it on a piece of paper and lock it in a safe deposit box. Others say to secure your seed phrase in encrypted files online. However, an attacker can exfiltrate your online files if they steal your credentials.

What Are Burner Crypto Wallets?

For those very concerned about security, some set up crypto burner wallets that could be used for an individual or group of transactions. These simple, less technical apps are fully functioning wallets with no seed phrases. Burner wallets can be used for trade shows, conventions or even for daily business. The funds can then be transferred to your main wallet, and the burner wallet could be discarded at the end of the day.

Cryptocurrency Payment Gateway and Exchange

A cryptocurrency exchange is a digital platform that enables users to sell or buy digital currency or convert fiat currency into digital currency. Exchanges may also offer a web-hosted crypto wallet. Many exchanges enable you to link your physical wallet or third-party wallet application to your exchange account. One component of a cryptocurrency exchange is the payment gateway, which is a payment receiving and processing app.

The main advantage of a crypto exchange is convenience. For example, to receive funds in a crypto wallet it must have the capability to accept each type of coin. So if someone wants to pay you in Ether, but your wallet only accepts Bitcoin, you’re out of luck. Plus, crypto wallets can’t convert one currency to another. But exchanges can accept payment from many types of coins, then convert them instantly to another coin or fiat currency. Exchanges also provide API and e-commerce integration solutions.

Some security concerns associated with crypto exchanges include:

  • If the exchange gets infected with malware, the attacker potentially has access to all the wallets on the exchange
  • Exchanges have a wider attack surface. For example, any employee of an exchange could have their credentials compromised, thus exposing the entire exchange.
  • Threat actors posing as customer service could lure targets into giving up wallet access
  • The U.S. government could sanction the cyber currency exchange if it has been linked to ransomware payments
  • Crypto exchanges are open to any software vulnerabilities hidden in their APIs or integrations
  • Embedded in legitimate-looking apps, crypto Trojans let attackers steal sensitive cryptocurrency information, including user credentials, personal information and current balance.

How to Get Paid in Cryptocurrency Safely

Upon reviewing the risks, you might be apprehensive about accepting cryptocurrency payments. However, conventional online banking is not immune to risk either. For example, the crypto Trojan mentioned earlier infected banks as well. Plus, phishing attacks can occur nearly anywhere online. In all cases, strong security, which includes encryption and multifactor authentication, should be standard for any crypto platform you use.

For maximum cryptocurrency protection, a physical wallet may be the way to go. You could even use a crypto exchange to manage daily business, like a burner wallet, and then transfer funds to your cold wallet at the end of the day. Meanwhile, ongoing developments in regulation are also helping to identify cyber currency threat actors.

More from Banking & Finance

How the ZeuS Trojan Info Stealer Changed Cybersecurity

4 min read - Information stealer malware is a type of malicious software designed to collect sensitive information from a victim’s computer. Also known as info stealers, data stealers or data-stealing malware, this software is true to its name: after infecting a computer or device, it’s highly adept at exfiltrating login credentials, financial information and personal data. Info stealers typically operate by monitoring keyboard input, capturing screenshots and intercepting network traffic. They may also search a hard drive for specific types of data. The…

4 min read

2022 Industry Threat Recap: Finance and Insurance

5 min read - The finance and insurance sector proved a top target for cybersecurity threats in 2022. The IBM Security X-Force Threat Intelligence Index 2023 found this sector ranked as the second most attacked, with 18.9% of X-Force incident response cases. If, as Shakespeare tells us, past is prologue, this sector will likely remain a target in 2023. Finance and insurance ranked as the most attacked sector from 2016 to 2020, with the manufacturing sector the most attacked in 2021 and 2022. What…

5 min read

How to Spot a Nefarious Cryptocurrency Platform

4 min read - Do you ever wonder if your cryptocurrency platform cashes in ransomware payments? Maybe not, but it might be worth investigating. Bitcoin-associated ransomware continues to plague companies, government agencies and individuals with no signs of letting up. And if your platform gets sanctioned, you may instantly lose access to all your funds. What exchanges or platforms do criminals use to cash out or launder ransomware payments? And what implications does this have for people who use exchanges legitimately? Blacklisted Exchanges and Mixers…

4 min read

Kronos Malware Reemerges with Increased Functionality

6 min read - The Evolution of Kronos Malware The Kronos malware is believed to have originated from the leaked source code of the Zeus malware, which was sold on the Russian underground in 2011. Kronos continued to evolve and a new variant of Kronos emerged in 2014 and was reportedly sold on the darknet for approximately $7,000. Kronos is typically used to download other malware and has historically been used by threat actors to deliver different types of malware to victims. After remaining…

6 min read