The SEC’s Crypto Czar Is Hitting the Road – And She Wants to Meet You

The SEC’s Crypto Czar Is Hitting the Road – And She Wants to Meet You

The U.S. Securities and Exchange Commission (SEC) is going on tour in hopes of meeting with crypto entrepreneurs who otherwise might not engage with the regulator. FinHub, the SEC’s branch dedicated to interacting with tech startups, posted a notice last week that it would be visiting major U.S. cities, allowing individuals or teams to set up face-to-face meetings with agency staffers to ask questions or provide feedback about issuing tokens or other issues under the regulator’s purview. The road trip begins in San Francisco on March 26, at the SEC’s local office, with the next visit planned for Denver. While FinHub staffers at the meetings are able to answer questions about startups’ projects, they will not be able to provide legal advice, said Valerie Szczepanik, the SEC’s senior advisor for digital assets and innovation and associate director of the Division of Corporation Finance. “We can’t give legal advice to any individual or member of the public, but we often give guidance to folks as they talk us through their proposed projects,” Szczepanik, who will attend the San Franciso event, told CoinDesk. Some of the SEC’s past enforcement actions have come about after crypto startups self-reported possible securities law violations to the regulator. Gladius Network LLC, one such project, settled charges of running an unregistered securities offering without admitting to (or denying) the charges, and the SEC did not fine the startup because the company reported itself to the agency. Another startup, CoinAlpha, did receive a $50,000 fine after the SEC reached out about its unregistered securities offering, but the company settled the charges and did not admit to or deny the allegations. As such, the penalties imposed on these firms that cooperated are relatively light. SEC goes ‘P2P’ The purpose of these face-to-face meetings – dubbed “Local P2P” on the FinHub website – is to help crypto startups “put a human face on the regulator,” Szczepanik explained: “We really do want to engage with folks that are seeking to innovate in this area and they should know that it’s typically a positive experience. I’m hoping to keep this going at the local level too, recognizing that not everyone can travel to D.C. or New York.” The number of startups that have reached out to FinHub to…

Ledger Reveals Physical Exploits Against Trezor Hardware Wallets

Ledger Reveals Physical Exploits Against Trezor Hardware Wallets

The battle of the hardware wallets is heating up. At this weekend’s MIT Bitcoin Expo in Boston, Charles Guillmet, Chief Security Officer of Ledger, presented a number of physical attacks that could be executed against Trezor hardware wallets. He also outlined an attack on their rival’s device that Ledger has refrained from making public because it is not patchable. Also read: How the World’s Leading Banks Help Launder $2 Trillion a Year Ledger CSO Runs a Train on Trezor Like any self-respecting hardware wallet (HW) manufacturer, Ledger rigorously pen tests its own devices in search of potential vulnerabilities. The French firm’s Paris hacking lab, known as the “Ledger Donjon,” doesn’t just dissect its own wares: it also thoroughly attacks those of its fiercest rival, Trezor. While identifying and disclosing a competitor’s vulnerabilities might seem counterintuitive, it yields a brace of benefits, highlighting potential weaknesses in the opposition and emphasizing Ledger’s offensive prowess. Within hours of Ledger CSO Charles Guillmet presenting at MIT Bitcoin Expo 2019, where he described the Trezor One, Trezor T, Keepkey, and B Wallet as “completely broken,” insisting there was “no way to fix” their security flaws, his employer published “Our Shared Security: Responsibly Disclosing Competitor Vulnerabilities.” The article explains how “about four months ago we contacted Trezor to share five vulnerabilities our Attack Lab uncovered. As always, we gave Trezor a responsible disclosure period to work on these vulnerabilities, even granting them two extensions.” With the disclosure period having now expired, Ledger proceeds to gleefully reveal what it found upon pen testing its rival’s devices. 4 Vulnerabilities Fully Disclosed In total, Ledger claims to have found four major vulnerabilities in Trezor’s flagship wallets. The first of these concerns the “genuineness” of the device. Trezor HWs have previously been shown to be susceptible to cloning, prompting the company to improve its tamper-proof stickers and to provide guidelines on how to detect ersatz devices. Trezor’s response to this “vulnerability” was to point out that users will not be exposed to this risk provided they purchase devices directly from the Trezor website. Fake Trezor on the left, authentic Trezor on the rightThe second attack identified involved a weakness in the PIN number used to secure Trezor HWs. Ledger explained: “On a found or stolen…

Malta Appoints Cybersecurity Firm Ciphertrace to Monitor Crypto Transactions

Malta Appoints Cybersecurity Firm Ciphertrace to Monitor Crypto Transactions

The Malta Financial Services Authority (MFSA) has appointed U.S. cybersecurity company Ciphertrace to help with compliance monitoring of crypto assets. Ciphertrace will be expected to keep track of transactions that pass through local crypto exchanges and digital wallets including ICOs, screening for potential money laundering and terrorism financing violations. Also read: Fidelity’s Cryptocurrency Arm Starts Offering Institutional Investor Services Detecting Illicit Financial Flows The MFSA is currently sifting through applications from 29 cryptocurrency businesses that are seeking approval to operate as what are known as virtual financial agents (VFAs), the Times of Malta reported on March 11. Once the VFAs have been licensed, understood to be by the end of the month, businesses are expected to submit further applications to operate cryptocurrency exchanges, wallets and initial coin offerings. Ciphertrace will be required to track every asset that passes through the virtual financial agents, even when reasonable caution has been taken by the VFAs to prevent cases of illicit financial flows by individuals and businesses. “Being strongly aware of the money laundering and financing of terrorism risks associated with entities operating in this sphere, the decision has been taken to engage the services of Ciphertrace in order to reduce fraud and detect transactions with illegal sources of funds,” Joseph Cuschieri, CEO of MFSA, was quoted as saying. He added: Ciphertrace compliance monitoring will provide the MFSA with powerful oversight tools to automate regulatory processes and audit the risk management of virtual asset businesses licensed in Malta. Building Relationships With Banks Ciphertrace is an American blockchain security company founded by Silicon Valley entrepreneurs in 2015. Through its supervisory technology tool (Suptech), the company offers cryptocurrency anti-money laundering, cryptocurrency forensics, and blockchain threat intelligence solutions. The company uses machine learning to de-anonymize transactions, helping regulators to evaluate and monitor the trustworthiness of crypto asset businesses. This solution tracks the risk exposure of virtual asset businesses including cryptocurrency exchanges, collective investment schemes and ICOs to measure potential exposure. “Suptech will allow the MFSA to monitor the activities of crypto businesses both pre- as well as post-authorization stage,” said Dave Jevans, CEO of Ciphertrace. He explained that crypto businesses have a tough time opening bank accounts due to perceived risk. However, banks and other financial institutions have started using the…

Paxos’ Precious Metal-Backed Cryptocurrency to Launch This Year, CEO Says

Paxos’ Precious Metal-Backed Cryptocurrency to Launch This Year, CEO Says

Blockchain trust company Paxos’ digital token backed by precious metals will be launched “definitely this year,” said Paxos CEO, Chad Cascarilla in an interview with Fortune’s Balancing the Ledger on March 11. During the interview, Cascarilla was asked whether Paxos is working on a gold-backed coin, wherein he replied that “it is something we will see definitely this year.” “We are excited about the concept of being able to take a commodity, and I think precious metals are really obvious ones, and gold is probably the most obvious and being able to tokenize it,” Cascarilla added. In order to implement the concept, Paxos has to ensure it holds the amount of inventory “in the real world” equal to the one registered on blockchain. Cascarilla explained: “In order to put something in a blockchain, you have to make sure you have the right amount of inventory in the real world versus what is in the blockchain. How you do with a gold token is how much gold do you have in a vault equals how many gold tokens outstanding.” Cascarilla said that the firm’s status as a financial institution allows the firm to utilize the banking system to ensure that they hold backing assets “in the real world” that correspond to the number of assets on a blockchain. While the company is planning to launch its precious metal-backed coin this year, Cascarilla said that Paxos has not set the exact date yet. Speaking about Paxos Standard (PAX) — the firm’s Ethereum (ETH)-based stablecoin backed 1:1 by the U.S. dollar and launched last September — Cascarilla stated that it differs from other stablecoins in that it is fully audited, highly regulated and approved by the New York State Department of Financial Services (NYDFS), and relatively liquid. Initially founded in 2012 as Bitcoin (BTC) exchange itBit, the startup later rebranded as blockchain-focused firm Paxos. Paxos holds a trust company charter in the state of New York, which gives it some of the same privileges as a bank, including the ability to take custody of mainstream financial assets. Last May, Paxos reportedly raised $65 million from investors to bolster its operations. Last December, Cointelegraph reported that PAX exceeded $5 billion worth of transaction volumes. At the time, the coin…

How the World’s Leading Banks Help Launder $2 Trillion a Year

How the World’s Leading Banks Help Launder $2 Trillion a Year

Some of the most well known banks in the world are also the biggest money launderers. The recent Troika Laundromat affair added another $8 billion to the trillions financial institutions wash every year. Over $2 trillion is laundered annually by criminals who utilize various ways to hide money in banks, which are often complicit or at least willing to turn a blind eye. The following is a look at money laundering schemes used by criminal enterprises that use the world’s so-called ‘regulated’ banks as their main laundromat system. Also read: Cointext Adds the Ability to Pay Bitpay Invoices Using SMS The World’s ‘Regulated’ Banks Wash More Than $2 Trillion Every Year Financial incumbents and politicians love to invade normal people’s everyday activities and they’d love to know how our funds are being spent right down to the last penny. At the same time, the banking system that they regulate is used to wash trillions each and every year using schemes like shell companies, bogus supply chain invoices, smurfing, and ‘mirror’ trades to hide funds that stem from illegal acts. In the last decade, few notable bankers or financiers have been jailed for financial crimes and money laundering save for Bernie Madoff. Many believe Madoff was only incarcerated because he stole from the banking cartel and shed light on their shady activities. Washing Money Using Banks Since the last financial crisis, dozens of the world’s financial institutions have been caught laundering money and slapped with petty fines. Just recently the Troika Laundromat scandal revealed that banks like Citigroup, Deutsche Bank, and Raiffeisen helped criminals wash $8.8 billion in a seven-year period. Illicit funds are moved and obfuscated from the public eye using the traditional banking system in a variety of ingenious ways. Mirror Trading Mirror trading is a financial strategy that is legal in certain jurisdictions. The mirroring method allows two identical trades to be executed, but the selected strategy of the two combined trades cancels each other out. However, funds are still moved from one location to the next using the scheme. As one Quora commenter explains: A client opens up a trading account with Deutsche Bank in Moscow. The client deposits let’s say the equivalent of $10,000 in rubles in his account and asks…

Cointext Adds the Ability to Pay Bitpay Invoices Using SMS

Cointext Adds the Ability to Pay Bitpay Invoices Using SMS

Cointext, the cryptocurrency wallet that allows users to send bitcoin cash (BCH) by SMS, has been steadily adding regional support and so far has captured 42 countries. Now Cointext has added the ability to utilize the BIP70 protocol so users can pay Bitpay invoices using the wallet’s text messaging capabilities. Also read: Bitcoin Cash Fans Start ‘Torch Passing’ Ceremony With a Non-Divisible Token Cointext Now Supports 42 Countries The Cointext wallet is a popular client among BCH supporters because it allows people to transact through SMS technology. Over the last few weeks, the startup has been adding support for countries like Bangladesh, Philippines, and Hong Kong. The company has gathered support for a total of 42 countries including Hungary, Denmark, Brazil, Columbia, Argentina, Australia, Estonia, Finland, and Germany. Cointext’s main goal is removing friction and making cryptocurrency simple to use and the startup believes its wallet “is the easiest way to introduce friends to crypto.” The Cointext service is now available in 42 countries. BIP70 Support, Bitpay Invoices and Anypay Global Cointext has now announced support for the BIP70 payment protocol that Bitpay uses to process bitcoin core (BTC) and bitcoin cash (BCH) invoices. Essentially this means that Cointext users can copy a BIP70 payment URL and pay the invoice via their text messaging service. The startup also released a video showing the process, with Cointext founder and CTO Vin Amarni demonstrating the new “Buy” command by donating $1 in BCH to the Wikimedia organization. The video demonstration showed the procedure was seamless and the functionality gives Cointext users the ability to pay for all types of goods and services using BCH. Cointext can process both Bitpay invoices (BIP70) and Anypay Global invoices. The BIP70 support follows the platform’s recent integration with another payment processor based in New Hampshire called Anypay Global. Last November, BCH fans noticed a recorded video of an individual paying for goods at the La Maison Navarre bakery in New Hampshire but instead of using a traditional QR code payment the food was purchased via text using the Cointext application. Anypay Global merchants simply create a BCH invoice using the application and the platform provides a Cointext code alongside a traditional QR code. In order to pay for goods, the Cointext…

In the Daily: Monero Upgrade, Revolut Auto Exchange, SETL Administration

In the Daily: Monero Upgrade, Revolut Auto Exchange, SETL Administration

In this edition of The Daily we cover the latest protocol upgrade to privacy coin monero (XMR), a new feature for traders using Revolut, and the blockchain-based corporate settlements platform SETL appointing administrators for the business. Also Read: Online Bank Swissquote to Add Crypto Custodial Services Monero Undergoes Protocol Upgrade The Monero development team has confirmed that its scheduled protocol upgrade was completed successfully. The hard fork introduced four main changes to the privacy-focused altcoin including an improvement to the dynamic block size algorithm, an introduction of dummy encrypted payment IDs as well as shrinking of the size of amount encodings and using deterministic masks. The most important update involved making the cryptocurrency more resistant to ASIC (application-specific integrated circuits) miners. A recent report showed that more than 85 percent of the Monero network was dominated by ASIC miners. The newly implemented Cryptonight-R algorithm is meant to tweak the proof-of-work mechanism used by XMR miners to deter using ASIC rigs, at least for a while. Revolut Launches Auto Exchange London-based alternative digital banking startup Revolut has added a new feature to the service it calls Auto Exchange, supporting both fiat and cryptocurrencies. Similar to market orders common on forex trading platforms, such as Entry and Stop-Loss, the new feature allows Revolut users to automatically exchange one asset into another when a target rate they set is reached. Revolut was launched in July 2015, and its services include pre-paid debit cards (Mastercard or Visa), fiat currency exchange, cryptocurrency buying and exchange, peer-to-peer payments, remittances, personal loans, travel insurance and international money transfers. In April 2018 the company raised a Series C investment round of $250 million and added support for bitcoin cash (BCH). SETL Goes Into Administration Permissioned blockchain-based platform SETL has recently announced the appointment of administrators for the company in a notice of corporate insolvency. This is the latest example of corporate blockchain technology projects struggling to deliver on the hype they generated. The newly appointed administrators, Quantuma LLP, are tasked with enabling the company to balance its holdings and continue its activities on a business as usual basis. Trying to put a positive spin on the matter, SETL refers to the move as a corporate reorganization following the completion of its Central Securities…

Barclays Analyst Predicts Billions in Additional Revenue From ‘Facebook Coin’ by 2021

Barclays Analyst Predicts Billions in Additional Revenue From ‘Facebook Coin’ by 2021

Facebook’s own cryptocurrency, if launched, could potentially generate $19 billion in additional revenue by 2021, CNBC reports on March 11. Barclays internet analyst Ross Sandler wrote in a client note that a cryptocurrency could establish a new revenue stream for Facebook, aiding its share price that tanked amid a series of high-profile scandals last year. In his forecast, Sandler pointed out that the crypto-based revenue option is something “sorely needed at this stage of the company’s narrative,” stressing that any advertising-free revenue streams are likely to be well-perceived by Facebook’s shareholders. Sandler said that his more conservative revenue estimate for the new coin is $3 billion. The Barclays analyst recalled Facebook’s original payment project that was similar to what cryptocurrencies are today. Developed by California-based firm The Menlo Park in 2010, “Facebook credits” represented a virtual currency that allowed users to pre-pay those credits using domestic currencies and then use them for in-app-purchases. Sandler added that Facebook will bear the brunt of interchange costs between fiat currencies and its possible new cryptocurrency, which could cut into the profitability of the business. Citing analysis from Barclays, Sandler stated that the first version of “Facebook Coin” may be a single purpose coin for micro-payments and domestic peer-to-peer (p2p) money transfer, which is considered “very similar to the original credits from 2010.” Sandler also assessed the scope of the project, noting that it is larger than previous ambitions of Facebook. The analyst pointed to David Marcus, the leader of Facebook’s blockchain and crypto team, who is former president of payment operator PayPal. Sandler also noted that Facebook has recently hired a number of employees from blockchain startup Chainspace. Following a Bloomberg report on Facebook developing its own crypto back in December 2018, The New York Times (NYT) published another article alleging that the social media giant is “hoping to succeed where Bitcoin failed” with its highly secretive crypto project. According to NYT, 50 new employees are working on developing a stablecoin that would incorporate Facebook’s three fully-owned apps — WhatsApp, Facebook Messenger, and Instagram.

CFTC Requires Trading Platform to Pay $990K for Illegal Bitcoin-Related Transactions

CFTC Requires Trading Platform to Pay $990K for Illegal Bitcoin-Related Transactions

The United States Commodity Futures Trading Commission (CFTC) has announced Monday, March 11, that international securities dealer 1pool Ltd. and its CEO Patrick Brunner must pay a total of $990,000 for illicit Bitcoin (BTC) transactions with U.S. customers. The Marshall Islands-based startup, which was offering BTC-funded security-based swaps, and its owner have been fined for illegally offering BTC-margined retail commodity transactions to U.S. investors. Moreover, the CFTC states that 1pool Ltd. failed to register as a futures commission merchant and did not comply with the required Anti-Money Laundering (AML) procedures. The CFTC imposed a civil penalty of $175,000, while also obliging 1pool Ltd. to reimburse $246,000 of gains. Moreover, the company has to return approximately 93 BTC, valued by the CFTC at approximately $570,000, to all known U.S. customers. CFTC Director of Enforcement James McDonald has additionally warned intermediaries that the watchdog will hold them accountable in case they fail to comply with licensing requirements and U.S. trading policies. As Cointelegraph previously reported, the U.S. Securities and Exchange Commission (SEC) and Federal Bureau of Investigation (FBI) were also involved in prosecution. During the investigation an undercover FBI agent purchased security-based swaps on the Marshall-based platform from the U.S., though he did not comply with the discretionary investment thresholds required by the U.S. securities laws. According to SEC, the users could also open accounts on the platform with their email address and a user name only, without providing additional information, which does not comply with U.S. customer identification regulations. The two parallel actions were filed by CFTC and SEC in September 2018. The chairman of CFTC Christopher Giancarlo explained that the CFTC charged the portion of the activity involving derivatives, the SEC charged the portion relating to equities, and the Department of Justice and the FBI secured an order to seize platform’s website and shut it down.

IBM Scores Deal With US Credit Union Group to Use Hyperledger Blockchain

IBM Scores Deal With US Credit Union Group to Use Hyperledger Blockchain

CU Ledger, a consortium of U.S. credit unions that’s been experimenting with a range of private blockchains, has added one more to the list: IBM’s Hyperledger Fabric solution. The consortium will use IBM’s tech to create “an immutable audit trail that can be used to create new business models and transform existing business processes for credit unions,” Big Blue said Monday. In particular, the new solutions will be built for such services as identity authentication, compliance with know-your-customer (KYC) regulations, lending and payments, the tech giant said. The first blockchain-based services will be available to CULedger members “later in 2019,” IBM said. However, the consortium told CoinDesk it will keep its relationships with previously announced partners R3, Hedera and Evernym. “The use of a specific blockchain platform will be dependent on each particular application or use case that is being developed. Our partners, such as IBM, Evernym and Sovrin, each play a role within our overall strategy and solutions,” Julie Esser, CULedger’s chief experience officer, told CoinDesk. “We are not replacing any of the relationships that we have previously announced,” she said. “CULedger is building a network of networks that will facilitate the peer-to-peer exchange of anything digital. As we continue to develop our solutions, there will be applications better suited for different networks, and CULedger will enable those networks to interact with each other.” For example, CULedger is building an identity solution for its members leveraging the Hyperledger Indy platform (the code for which was developed by Evernym and contributed by the Sovrin Foundation). But the new KYC-related product will use Fabric (which IBM contributed to Hyperledger), Esser said. Past partnerships Last May, the consortium announced it was going to use Hedera’s Hashgraph distributed ledger technology (DLT) to build a public system for cross-border payments. In December, CULedger also announced it was joining R3’s global network of companies building on the open-source Corda platform. The group also said earlier its identity solution MyCUID was developed with Evernym, an identity-focused blockchain company. At the moment, CULedger isn’t building on Corda, Esser explained, but “there is an opportunity in the future” for the consortium to leverage R3’s tech. Evernym remains a key partner, providing the front-end solution for MyCUID. As for Hedera, CULedger “doesn’t have a specific use case at this…