Binance Security Review 2022 | Cer.live
Binance Security Review 2022image

Binance Security Review 2022

Binance is the largest crypto exchange in the world. Since its launch in 2017, Binance has grown into a crypto behemoth with a diverse stack of products and services built around the BNB chain. No other platform matches Binance in terms of trading volume and number of users. But is Binance secure? Let’s find out.

Trading volume and users

With a daily volume exceeding $25 billion, Binance is the biggest CEX in the world. Binance’s website has around 90 million monthly pageviews, the same figure as the number of registered users. Binance reached a peak daily trading volume of $65 billion on May 12, 2022. In the past 12 months, the average 24-h trade volumes have fluctuated between $6 and $30 billion.

Binance is incorporated in the Cayman Islands. There’s a separate legal entity solely for American users called Binance US that is registered in California.

Product Mix

Binance users can buy and sell up to 357 coins. In total, 1466 pairs are available for trade in the spot market. The most popular spot pairs are BTC/USDT(37%), BTC/BUSD (16%), ETH/BUSD (9%), and ETH/USDT (6.7%). There’s also an immense market for derivatives with 255 pairs and around 8 billion in 24 open interest.

Despite having its own BUSD, USDT is still the dominant currency on Binance, with a share of 65%. It’s worth noting that USD fiat currency is only available for Binance US.

Binance exchange can be accessed on mobile, web, and desktop. Registration is free of charge. Seasoned traders can have even more control and opportunities with a pro account, margin trading, and high leverage. Transaction fees are the lowest on the market of up to 0.1%. Binance has the most extensive marketing and promotional campaigns. Users are promoted with special offers every week.

How secure is Binance?

10/10 in Cybersecurity Score by CER

10/10 in Trust Score by CoinGecko

Grade A in API Coverage 

According to CER’s methodology of 20 security indicators, Binance is very secure. It’s among the very few AAA exchanges with Three Ticks in CERtified Badge and CoinGecko Trust Score of 10. 

Binance has received max scores in bug bounty, pentest, and proof of funds from CER.

Bug Bounty

Bug bounty program is a security measure that receives bug reports on security vulnerabilities from white-hat hackers.

Binance has an active bug bounty program at BugCrowd with a total bounty of $100,000. Rewards range between $200 and $10,000. Ethical hackers have already reported 271 vulnerabilities. Primary targets include:

  • *.binance.com (with exceptions, refer to Secondary Targets)
  • api.binance.com
  • binance.us
  • *.bnbchain.org
  • dex.binance.org
  • BNB Beacon Chain
  • Binance Wallet – Chrome and Firefox extensions
  • BNB Smart Chain
  • Binance Mobile/Desktop Application for Android/iOS/macOS
  • Binance Connect

Although the latest announcement on BugCrowd website dates back to 2020, reports are being submitted all the time. This means that a BB program is active. Therefore, the scope of the bug bounty program is comprehensive and justifies the max score by CER. 

Penetration Test

Pentesting is a proactive security measure where experts imitate real-world cyberattacks to identify critical internal and external vulnerabilities. Penetration testing is conducted in a safe and controlled environment. Binance received 10/10 in this category with a 100% scope coverage. Binance has open positions for security engineers specializing in pentesting, meaning it takes this type of protection seriously.

Proof of Funds

Proof of funds confirms that Binance is not involved in any forms of financial manipulations or fraudulent activities. Binance has the second largest solvency with funds insurance and $17.6 billion in total balance ($12.8 billion in BTC and $4.7 billion in ETH). Binance’s solvency is second only to Coinbase. 

Other Security Metrics

Binance received max scores for Server Security, User Security, Device Management, and Compliance with ISO/IEC 27001 certification from CER.live. Let’s talk about user security for a bit, it’s robust. Binance requires three-factor authentication for any funds withdrawal. User has to enter email confirmation, SMS confirmation, and authenticator code to withdraw funds. Furthermore, when logging in an account from a different IP, the app will ask you to confirm with security code. 

Security Incidents

In 2019, Binance suffered a costly exploit where hackers stole 7,000 BTC, which was $40 million back then. Since the attack, Binance has revised its position on cybersecurity. In the past two years, hackers haven’t been able to penetrate Binance’s security. 

Team

Binance team is public and very active in the crypto community. Binance founder and CEO 

Changpeng Zhao is one of the most influential persons in Web3. These things add credibility to the whole project.

It’s no wonder that Binance is so popular among crypto enthusiasts. Its product offering is competitive and attractive to newbies and veterans. The largest crypto exchange in the world is also one of the most secure out there. Binance goes to great lengths to protect user funds. The centralized crypto exchange has successfully recovered from a 2019 hack. Going forward, Binance is recommended to disclose more information about its efforts to safeguard digital assets.