OKX Web3 Special Issue 04: OKX Web3 & OneKey: Boosting Device Security

Security Team: At the 2015 BlackHat conference, global hackers unanimously agreed that facial recognition technology is the most unreliable method of identity authentication. Nearly a decade later, with advancements in AI technology, we now have near-perfect “magic” replacements for human faces, proving that traditional visual facial recognition cannot provide adequate security. Therefore, it is more important for recognition parties to upgrade algorithmic technology for identification and prevention of deepfakes.

Regarding the risks of AI face swapping, users can do little besides protecting their own privacy and biometric data. Here are some small suggestions:
1) Use facial recognition applications cautiously
When choosing facial recognition applications, users should opt for those with good security records and privacy policies. Avoid using applications from unknown sources or with questionable security, and regularly update software to ensure the use of the latest security patches. Previously, many small loan company apps in China violated regulations by selling users’ facial data, resulting in the leakage of user facial data.

2) Understand multi-factor authentication (MFA)
Single biometric authentication carries significant risks, so combining multiple authentication methods can significantly enhance security. Multi-factor authentication (MFA) combines various verification methods such as fingerprints, iris scanning, voice recognition, and even DNA data. For recognition parties, this combination of authentication methods can provide an additional security layer when one authentication method is compromised. For users, protecting their privacy data in this aspect is equally important.

3) Maintain skepticism to prevent fraud
Clearly, with the ability of AI to mimic faces and voices, impersonating someone over the internet has become much easier. Users should be particularly cautious with requests involving sensitive information or fund transfers, and employ two-factor authentication or confirm the other party’s identity through phone calls or face-to-face meetings. Stay vigilant and do not easily trust urgent requests, and be able to identify common scams such as impersonating executives, acquaintances, or customer service representatives. There are also many cases of impersonating celebrities, so beware of “fake platforms” when participating in certain projects.

OKX Web3 Wallet Security Team: Generally, emerging virtual technologies bring new risks, and these risks, in fact, bring about new research in defense mechanisms, which in turn lead to new risk control products.

1) AI forgery risks
In the field of AI face swapping, many AI face swapping detection products have emerged. The industry has proposed several methods to automatically detect fake videos, focusing on detecting unique elements (fingerprints) generated by deepfakes in digital content. Users can also identify AI face swapping through careful observation of facial features, edge processing, and audio-visual synchronization. Additionally, Microsoft has also released a series of tools to educate users on deepfake identification, allowing users to learn and enhance their own identification abilities.

2) Data and privacy risks
The application of large models in various fields also brings risks to user data and privacy. When using conversational robots, users should pay attention to protecting their personal privacy information and avoid directly inputting key information such as private keys, keys, and passwords. It is advisable to hide critical information through substitution, confusion, and other methods. For developers, GitHub provides a series of friendly checks. If submitted code contains OpenAI API keys or other risky privacy leaks, the corresponding push will report an error.

3) Abuse of content generation risks
In daily work, users may encounter many results generated by large models. While these results may be effective, the abuse of content generation also brings about false information and copyright issues. Some products have been developed to detect whether text content is generated by large models, which can reduce corresponding risks. Additionally, when using code generation by large models, developers should also pay attention to the correctness and security of the generated code. For sensitive or open-source code, thorough review and auditing are necessary.

4) Daily attention and learning
When browsing short videos, long videos, and various articles, users should consciously judge and identify possible AI forgeries or AI-generated content. Pay attention to common characteristics such as male and female voices, pronunciation errors, and common face-swapping videos. In critical situations, consciously judge and identify these risks.
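The substitution advice in item 2) above can be applied as a local pre-filter that runs before any text is pasted into a chatbot. The following is an added example, not code from OKX, OneKey or GitHub; the patterns, placeholder format and sample prompt are assumptions made for illustration, and the sample values are constructed.

```python
import re

# Heuristic patterns chosen for this example; not an exhaustive secret scanner.
PATTERNS = [
    # 32-byte hex value, optional 0x prefix. Also matches transaction hashes,
    # which is an acceptable false positive when the goal is to over-redact.
    ("PRIVATE_KEY", re.compile(r"\b(?:0x)?[0-9a-fA-F]{64}\b")),
    # "sk-" prefixed API token, the style used by OpenAI keys.
    ("API_KEY", re.compile(r"\bsk-[A-Za-z0-9_-]{20,}")),
    # 12 to 24 lowercase words of 3-8 letters: the shape of a BIP-39 mnemonic.
    # A stricter check would test each word against the BIP-39 wordlist.
    ("MNEMONIC", re.compile(r"\b(?:[a-z]{3,8}[ \t]+){11,23}[a-z]{3,8}\b")),
]


def redact(text):
    """Return (redacted_text, findings). Each distinct secret maps to one
    stable placeholder, so the prompt still reads coherently."""
    findings = {}  # secret value -> placeholder; keep this local, never send it

    for label, pattern in PATTERNS:
        def substitute(match, label=label):
            secret = match.group(0)
            if secret not in findings:
                n = sum(1 for p in findings.values() if p.startswith(f"<{label}_"))
                findings[secret] = f"<{label}_{n + 1}>"
            return findings[secret]
        text = pattern.sub(substitute, text)
    return text, findings


def safe_to_send(text):
    """Push-protection style gate: True only when nothing secret-shaped remains."""
    return not redact(text)[1]


# Constructed sample prompt; none of these values is a real key or seed phrase.
SAMPLE_PROMPT = (
    "My script fails. Key: 0x" + "ab" * 32 + "\n"
    "OPENAI_API_KEY=sk-" + "X" * 24 + "\n"
    "Seed: apple banana cherry grape lemon mango olive peach plum berry melon kiwi\n"
    "Signing again with 0x" + "ab" * 32 + " also fails."
)

if __name__ == "__main__":
    redacted, found = redact(SAMPLE_PROMPT)
    print(redacted)
    print(f"{len(found)} distinct secrets replaced")
```

Reusing the same placeholder for a repeated secret keeps the question answerable without exposing the value; the `findings` mapping stays on the local machine.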

Q6: Share some physical device security recommendations from a professional perspective.

OneKey Security Team: Based on the various risks mentioned earlier, we summarize the protective measures as follows:

1) Guard against the risk of intrusion of internet-connected devices
Internet-connected devices are ubiquitous in our daily lives, but they also bring potential intrusion risks. To protect our high-risk data (such as private keys, passwords, and MFA backup codes), we should use strong encryption methods and choose storage methods that are isolated from the network, avoiding storing sensitive information directly in plaintext on the device. Additionally, we need to remain vigilant against phishing and Trojan attacks. Consider using separate dedicated devices for cryptographic asset operations and other general-purpose devices to reduce the risk of being attacked. For example, we can separate our everyday laptops from hardware wallets used for managing cryptographic assets. This way, even if one device is compromised, the other device remains secure.

2) Maintain physical monitoring and protection
To further secure our high-risk devices (such as hardware wallets), we need to implement strict physical monitoring and protection measures. These devices at home should be stored in high-standard safes and equipped with comprehensive smart security systems, including video surveillance and automatic alarm functions. When traveling, it is important to choose hotels with secure storage facilities. Many upscale hotels offer dedicated security storage services, providing additional layers of protection for our devices. Additionally, consider carrying a portable safe to ensure the protection of our important devices in any situation.

3) Reduce risk exposure and prevent single points of failure
Distributing devices and assets is a key strategy for reducing risk. We should not store all high-privilege devices and cryptographic assets in one place or one wallet. Instead, consider storing them in secure locations in different geographical locations. For example, we can store some devices and assets at home, in the office, and with trusted relatives. Additionally, using multiple hot wallets and hardware cold wallets is an effective method. Each wallet can hold a portion of the assets to reduce the risk of a single point of failure. To enhance security, we can also use multi-signature wallets, which require multiple authorized signatures for transactions, significantly improving the security of our assets.

4) Prepare for worst-case scenarios
When facing potential security threats, it is crucial to have emergency measures in place for worst-case scenarios. For high-net-worth individuals, maintaining a low-profile approach is an effective strategy to avoid becoming a target. We should avoid flaunting our cryptographic assets in public and strive to keep property information low-key. Additionally, developing emergency plans for device loss or theft is necessary. We can set up bait wallets to temporarily deal with potential robbers while ensuring the ability to remotely lock or erase data from important devices (with backups). When traveling in high-risk areas, hiring a private security team can provide additional security and using special VIP security channels and high-security hotels can ensure our safety and privacy.

OKX Web3 Wallet Security Team: We will introduce recommendations from two levels: the OKX Web3 app level and the user level.

1) OKX Web3 app level
OKX Web3 Wallet employs various measures to strengthen the app’s security, including but not limited to algorithm obfuscation, logic obfuscation, code integrity checks, system library integrity checks, application tamper-proofing, and environmental security checks. These measures minimize the probability of users being attacked by hackers when using the app and also reduce the likelihood of the app being re-packaged by malicious actors.

Furthermore, in terms of Web3 Wallet data security, we utilize state-of-the-art hardware security technology, employing chip-level encryption to encrypt sensitive data in the wallet. This encrypted data is bound to the device’s chip, making it impossible for anyone to decrypt the encrypted data if it is stolen.

2) User level
Regarding users’ physical devices, including hardware wallets, commonly used computers, and mobile devices, we suggest strengthening security awareness in the following areas:

Hardware wallets: Use reputable brands of hardware wallets and purchase them from official channels. Generate and store private keys in isolated environments. The medium for storing private keys should be fireproof, waterproof, and theft-proof. It is recommended to use fireproof and waterproof safes to store private keys or mnemonic phrases in different secure locations to enhance security.

Electronic devices: For mobile phones and computers installed with software wallets, it is advisable to choose brands with better security and privacy protection (such as Apple). Additionally, minimize the installation of unnecessary applications and maintain a clean system environment. Use Apple ID to manage multi-device backups, avoiding a single device failure.

Daily usage: Avoid performing sensitive operations related to wallet devices in public places to prevent camera recording and leakage. Regularly use reliable antivirus software to check the device environment. Conduct regular inspections of the reliability of physical device storage locations.

Finally, thank you for reading the OKX Web3 Wallet “Security Special” column, Issue 04. We are currently preparing Issue 05, which will include real-life cases, risk identification, and practical security operation tips. Stay tuned!

This article is for reference only and does not intend to provide (i) investment advice or recommendations; (ii) offers or solicitations to buy, sell, or hold digital assets; or (iii) financial, accounting, legal, or tax advice. Holding digital assets (including stablecoins and NFTs) involves high risks and may experience significant volatility or even become worthless. You should carefully consider whether trading or holding digital assets is suitable for your financial situation. Please take responsibility for understanding and complying with applicable local laws and regulations.

This article is provided by the official source and does not represent the position or investment advice of this website. Readers must conduct their own careful evaluation.
