Matomo

Filling cryptography and security gaps in cryptocurrency wallets | Cossack Labs

🇺🇦 We stand with Ukraine, and we stand for Ukraine. We offer free assessment and mitigation services to improve Ukrainian companies security resilience.

Read more
Case [REDACTED] Foundation Cryptocurrency

Filling cryptography and security gaps in cryptocurrency wallets

Industry

  • Fintech

  • Blockchain

  • Cryptocurrency

Technology stack

  • React Native (iOS, Android)

  • Web extension (Chrome, Firefox)

  • LPoS

Regulations

  • GDPR

  • Typical fintech security requirements

  • Encryption Export Regulations

Challenges

Technology requirements

Encrypt data at rest

Multi-platform solution

Financial app security built into UX

Our approach

Understanding blockchain security threats

Building mobile/web platform-specific security controls

Integrating reliable cryptographic tools

Solution

Additional materials

Products and services involved

Mobile apps security

Mobile apps security

Mobile wallets give a gateway to the blockchain backend infrastructure and become a target for curious and malicious users: phishing and API abuse, creation and distribution of app clones. Mobile app security measures prevent these threats.

Read more
Cryptography engineering

Cryptography engineering

Implementing cryptography is hard, even in cryptocurrency applications. We audited the cryptographic core, found weaknesses, suggested fixes, and implemented a more reliable cross-platform cryptographic layer.

Read more
Security engineering

Security engineering

From security architecture to devsecops—we recommended numerous security controls and processed to ensure that wallets will get a high-security bar and stay there.

Read more
Themis

Themis

We suggested a cryptographic library Themis as a building block to unify applications' encryption layer across mobile (React Native) and web extension (WASM).

Read more

Benefits

The [Crypto Wallet] web extension and mobile apps are now synced in their security guarantees and provide defence in depth protection for the users’ data. With a security baseline similar to financial apps, the [Crypto Wallet] uses platform-specific security controls to protect users' cryptocurrency accounts in line with the industry best practices.

Results and outcomes

Smooth and maintainable security

Web, mobile, and cloud platforms bring unique threats but provide platform-specific security controls. Combining "boring" traditional application security with platform-specific measures results in reliable protection. Talk to us if you build cross-platform applications to take your appsec to the next level.

Contact us

Get whitepaper