BS2:1-Don’t buy from big exchanges 🏦

If you google ‘get bitcoin’ or ‘how to buy bitcoin’ the results are either scams or big crytpocurrency exchanges like Coinbase, Kraken, and Binance. I don’t recommend google searching ‘buy bitcoin’ or something and making a choice from the list of results.

Spotting scams

The world of cryptocurrency is full of scams that will do their best to cheat you. Luckily, they are usually easy to spot.

Here’s some tips for spotting scams:

  • If you haven’t heard of it, it’s probably a scam.
  • If they let you buy bitcoin with a credit card, it’s probably a scam.
  • Do a little research!

Always do a little research before you trust a company—google the name of the company plus ‘reviews’ or ‘scam’ and see what comes up. You don’t have to spend hours, but if something isn’t right, there’s usually people talking about it.

Coinbase, Kraken, Binance, etc…

There are a number of large, commercial exchanges where you can buy bitcoin, and this is what most people do. So why shouldn’t you?

The first, and most important reason, is that when you buy bitcoin from an exchange like Coinbase, you are not actually buying bitcoin. At best you are buying an IOU for bitcoin. In the case of PayPal and Robinhood, you are actually buying a bitcoin derivative—PayPal and Robinhood do not allow you to ever withdraw the bitcoin you purchase in their apps.

Even when the exchange does allow you to withdraw your bitcoin to your own wallet, they often impose daily limits and limits on how long you must wait to withdraw, and these requirements might change without much notice.

As we covered in BS1-1: Why ‘Not your keys, not your coins,’ the value of bitcoin comes from its usefulness—buying from commercial exchanges doesn’t let you access the usefulness of bitcoin.

The second reason you should not buy bitcoin from commercial exchanges is that they often require extensive information about your identity. This can include images of your government identification cards, proof-of-residence, pictures of you holding your ID, and even biometrics like fingerprints or face scans.

Know-your-customer (KYC)

Many governments have laws that require financial institutions to collect detailed information about your identity (these are called know-your-customer laws). When we are dealing with a public ledger like the bitcoin blockchain this can be a dangerous liability.

The constant stream of data-breaches reminds us that no company or organization is perfect at protecting the information they collect. This means that it really is only a matter of time before any given company leaks some or all of the information you give them.

If the commercial exchange you are working with is hacked, the primary concern is not that they will lose control of the bitcoin they hold in your name (although that is a possibility). The real problem is that your identifying information may be publicly connected to the amount of bitcoin you own.

Bitcoin is a bearer asset, like cash, and is expected to increase in value. If you own a significant amount of bitcoin you definitely do not want that fact publicly available along with all your identifying information (including your physical address). The information you provide in order to interact with commercial exchanges can make you a target.

Even if you don’t think you have enough bitcoin to worry about someone coming to take it from you, once your legal name is attached to bitcoin at a particular address, the record is impossible to remove, and can be used to make guesses about whether you still own that bitcoin or where you may have spent it.

Bitcoin transactions themselves are very easy to track, and once a specific transaction is associated with you, it’s not hard to guess about future transactions that use that bitcoin. In addition, if you end up combining bitcoin that is known to be yours with bitcoin that no one knows you have, you are essentially tipping your hand, and letting everyone see how you are using your bitcoin.

BS3: How to be safe with bitcoin goes into more detail about KYC and how to protect your bitcoin from data breaches.

Shotgun KYC

You may have tried to choose a commercial exchange that required less of your identifying information than others. Unfortunately, the trend among commercial exchanges is to increase their requirements, and it is becoming common for exchanges to surprise their customers with increased requirements when they try to withdraw their bitcoin into their own possession.

This is called shotgun KYC because it gives you no option: you’ve already paid for the bitcoin, but if you really want to own it, you have to comply with whatever restrictions the exchange sees fit to impose upon you.

But it’s so easy…

No doubt, commercial exchanges do their best to make the process of buying bitcoin with them smooth and easy. But mostly what they provide with their slick logos and slick UX is a feeling of comfort. Bitcoin is real money, and so it’s not often comfortable. But actually learning about bitcoin and how to use it empowers you to do what you want with your money. And that’s the reason people want bitcoin, so don’t buy it at a commercial exchange. Use Azteco or Bisq instead.