TOP-100 EXCHANGES BY CYBERSECURITY SCORE #3 AND COMBINED SCORE (MARCH 2020)
It is obvious that in the modern economy cyber security is one of the most crucial issues requiring proper maintenance. Especially in the crypto exchanges industry since over $282 million were stolen in 11 hacks from crypto trading platforms in 2019 according to a report by Chainanalysis. Although the total amount stolen is much smaller than in 2018 the number of attacks significantly increased. Therefore CER continues to monitor and assess the cyber security of crypto exchanges.
In the current Analysis CER used the list of 236 spot crypto exchanges from CoinGecko with Trust Score available as of 24.03.2020.
The initial Cyber Security Score (CSS) methodology was described in the first report and the updates are highlighted in the second report. For the current report the methodology was slightly adjusted by altering weight coefficients of certain parameters and changing the calculation of Password Requirements for more balanced results.
Statistics
The CSS results from results showed that only 19 crypto exchanges (8%) out of 236 gained “good” scores of over 8 points and higher (see fig 1).
While the vast part of the sample (148 crypto exchanges, 62.8%) scored moderately (6 to 8 points), 69 crypto exchanges (29.2% out of total) totaled lower than 6 points.
Just like in the previous CSS report the Bug Bounty availability appeared to be weakest parameter again (see fig. 2)
Missing HTTP headers is the second weakest parameter as 76.7% of exchanges miss 4+ headers out of 7 (see fig. 3)
And another notable weakness is the presence of captcha during the sign-up and sign-in process on the trading platforms. 97 of exchanges (41.1%) don’t have captcha at all (see fig. 4).
The results for Password Requirements are way better than in the previous report due to altered methodology. Nevertheless some crypto exchanges treat this parameter irresponsibly as 13.56% of them scored 1 or 0 points. And in one particular case the platform allowed to create a 1-symbol password.
New CSS Top-100 Spot Exchanges
Table 1 below provides the list of Top-100 out of 236 sample spot crypto exchanges by CSS total results. It also contains sub-scores for Server Security, User Security, Crowdsourced Security and Historical Cases.
| # | Exchange | Server Security | User Security | Crowdsourced Security | Historical Cases | Total |
| 1 | btcturk | 8,50 | 9,47 | 10 | 10 | 9,02 |
| 2 | otcbtc | 7,95 | 8,47 | 10 | 10 | 9,02 |
| 3 | binance_us | 9,23 | 9,47 | 10 | 8 | 8,91 |
| 4 | bilaxy | 8,41 | 8,12 | 5 | 10 | 8,76 |
| 5 | bit_z | 8,11 | 8,15 | 10 | 10 | 8,66 |
| 6 | kucoin | 9,14 | 8,47 | 10 | 10 | 8,65 |
| 7 | btc_alpha | 8,32 | 7,65 | 5 | 10 | 8,6 |
| 8 | bitsonic | 7,75 | 8,59 | 10 | 10 | 8,6 |
| 9 | kraken | 7,00 | 7,65 | 10 | 7 | 8,56 |
| 10 | binance | 7,93 | 9,47 | 10 | 3,5 | 8,51 |
| 11 | altilly | 8,95 | 8,00 | 5 | 10 | 8,47 |
| 12 | coinbase | 8,14 | 7,65 | 10 | 10 | 8,46 |
| 13 | hitbtc | 8,50 | 6,74 | 10 | 10 | 8,31 |
| 14 | indodax | 4,95 | 9,12 | 0 | 10 | 8,26 |
| 15 | oceanex | 7,91 | 7,59 | 5 | 10 | 8,26 |
| 16 | binance_jersey | 7,61 | 9,47 | 5 | 10 | 8,26 |
| 17 | poloniex | 10,00 | 6,76 | 10 | 10 | 8,2 |
| 18 | bigone | 8,39 | 9,74 | 0 | 10 | 8,07 |
| 19 | txbit | 8,55 | 7,65 | 0 | 10 | 8 |
| 20 | bitholic | 8,18 | 7,82 | 0 | 10 | 7,86 |
| 21 | gate | 8,68 | 9,21 | 5 | 3,5 | 7,82 |
| 22 | kuna | 6,86 | 8,38 | 5 | 10 | 7,77 |
| 23 | qtrade | 8,16 | 6,85 | 5 | 10 | 7,77 |
| 24 | bitexlive | 9,27 | 8,09 | 0 | 10 | 7,69 |
| 25 | bitopro | 7,50 | 8,00 | 0 | 10 | 7,66 |
| 26 | coinone | 9,55 | 7,12 | 5 | 10 | 7,6 |
| 27 | bitsdaq | 9,68 | 8,85 | 0 | 10 | 7,59 |
| 28 | whitebit | 8,18 | 8,06 | 0 | 10 | 7,58 |
| 29 | bitmax | 8,23 | 8,00 | 0 | 10 | 7,56 |
| 30 | probit | 7,59 | 8,68 | 0 | 10 | 7,54 |
| 31 | huobi | 8,36 | 9,21 | 0 | 10 | 7,54 |
| 32 | coinfloor | 8,68 | 8,59 | 0 | 10 | 7,54 |
| 33 | mxc | 8,00 | 9,21 | 0 | 10 | 7,54 |
| 34 | velic | 7,64 | 9,12 | 0 | 10 | 7,53 |
| 35 | paribu | 8,11 | 6,24 | 0 | 10 | 7,52 |
| 36 | ftx_spot | 6,55 | 6,18 | 0 | 10 | 7,5 |
| 37 | bhex | 5,73 | 7,26 | 5 | 10 | 7,48 |
| 38 | vebitcoin | 5,34 | 9,21 | 0 | 10 | 7,46 |
| 39 | kkcoin | 6,68 | 9,21 | 0 | 10 | 7,45 |
| 40 | bitlish | 7,84 | 5,85 | 0 | 10 | 7,39 |
| 41 | dragonex | 8,27 | 8,59 | 5 | 1,5 | 7,39 |
| 42 | livecoin | 7,36 | 8,59 | 0 | 10 | 7,37 |
| 43 | sistemkoin | 7,82 | 7,53 | 5 | 10 | 7,36 |
| 44 | jex | 8,73 | 6,00 | 10 | 10 | 7,34 |
| 45 | gemini | 7,82 | 6,62 | 0 | 10 | 7,33 |
| 46 | chainex | 9,41 | 7,50 | 0 | 10 | 7,31 |
| 47 | huobi_japan | 7,20 | 8,47 | 0 | 10 | 7,31 |
| 48 | bgogo | 6,50 | 6,85 | 0 | 10 | 7,29 |
| 49 | cbx | 6,30 | 8,94 | 0 | 10 | 7,28 |
| 50 | graviex | 8,45 | 5,18 | 10 | 8 | 7,26 |
| 51 | bitflyer | 5,75 | 7,65 | 0 | 7 | 7,24 |
| 52 | tokenize | 8,18 | 8,38 | 0 | 10 | 7,2 |
| 53 | huobi_korea | 8,95 | 8,85 | 0 | 8,5 | 7,19 |
| 54 | quoine | 8,14 | 6,18 | 0 | 10 | 7,18 |
| 55 | p2pb2b | 9,45 | 7,26 | 5 | 10 | 7,17 |
| 56 | gdac | 6,86 | 6,91 | 0 | 10 | 7,16 |
| 57 | exrates | 8,68 | 6,44 | 0 | 10 | 7,15 |
| 58 | coindeal | 8,41 | 9,12 | 0 | 10 | 7,12 |
| 59 | cointiger | 6,86 | 8,32 | 0 | 10 | 7,12 |
| 60 | independent_reserve | 7,95 | 6,76 | 0 | 10 | 7,12 |
| 61 | coinzo | 7,89 | 7,12 | 0 | 10 | 7,12 |
| 62 | ooobtc | 7,91 | 6,59 | 5 | 10 | 7,12 |
| 63 | bitcoin_com | 7,25 | 7,53 | 0 | 10 | 7,09 |
| 64 | coinbig | 10,00 | 7,53 | 0 | 10 | 7,08 |
| 65 | bitpanda | 7,89 | 5,79 | 5 | 10 | 7,07 |
| 66 | bitbay | 7,48 | 5,97 | 5 | 10 | 7,07 |
| 67 | bitforex | 7,52 | 8,32 | 0 | 10 | 7,07 |
| 68 | ecxx | 7,36 | 7,12 | 0 | 10 | 7,06 |
| 69 | dsx | 10,00 | 6,91 | 0 | 10 | 7,05 |
| 70 | bitstorage | 6,86 | 7,38 | 0 | 10 | 6,99 |
| 71 | Decoin | 8,45 | 8,74 | 0 | 10 | 6,99 |
| 72 | bankera | 7,27 | 6,85 | 5 | 10 | 6,97 |
| 73 | dcoin | 6,45 | 6,24 | 5 | 10 | 6,96 |
| 74 | luno | 5,18 | 6,91 | 0 | 10 | 6,95 |
| 75 | btcmarkets | 6,07 | 4,91 | 5 | 10 | 6,95 |
| 76 | coinflex | 7,36 | 5,97 | 5 | 3 | 6,95 |
| 77 | c2cx | 5,14 | 7,85 | 0 | 10 | 6,95 |
| 78 | ovex | 7,45 | 6,94 | 0 | 10 | 6,94 |
| 79 | bvnex | 6,57 | 7,12 | 0 | 10 | 6,94 |
| 80 | bihodl | 8,41 | 7,53 | 0 | 10 | 6,94 |
| 81 | hotbit | 7,59 | 8,06 | 0 | 5,5 | 6,93 |
| 82 | bithumb_global | 6,41 | 9,00 | 0 | 1,5 | 6,93 |
| 83 | bitso | 8,95 | 6,35 | 0 | 5 | 6,92 |
| 84 | bitkub | 5,64 | 6,76 | 0 | 10 | 6,92 |
| 85 | eToroX | 9,14 | 5,29 | 5 | 10 | 6,9 |
| 86 | tokok | 6,68 | 7,15 | 0 | 10 | 6,9 |
| 87 | coss | 6,32 | 8,38 | 0 | 7 | 6,89 |
| 88 | lbank | 4,59 | 8,32 | 0 | 10 | 6,88 |
| 89 | omgfin | 7,95 | 5,06 | 0 | 10 | 6,86 |
| 90 | yobit | 7,55 | 6,24 | 0 | 10 | 6,84 |
| 91 | daybit | 7,14 | 8,26 | 0 | 10 | 6,83 |
| 92 | exmarkets | 5,91 | 5,24 | 0 | 10 | 6,82 |
| 93 | cex | 8,14 | 5,79 | 0 | 10 | 6,79 |
| 94 | unnamed | 6,91 | 7,35 | 0 | 10 | 6,78 |
| 95 | coinsuper | 4,27 | 6,26 | 5 | 10 | 6,78 |
| 96 | okex_korea | 8,23 | 7,65 | 5 | 5,5 | 6,77 |
| 97 | beaxy | 4,41 | 6,91 | 5 | 3 | 6,77 |
| 98 | elitex | 7,20 | 7,65 | 0 | 10 | 6,77 |
| 99 | bit2c | 7,05 | 5,29 | 0 | 10 | 6,76 |
| 100 | coinex | 6,32 | 6,74 | 0 | 10 | 6,76 |
Table 1. Top-100 crypto exchanges by CSS results
Combined Score
Cyber Security is one of the most important parameters one should consider while evaluating crypto exchanges. But Cyber Security alone doesn’t give the full view of the trading platform’s grade. For more balanced evaluation other parameters should be assessed. Therefore CER calculated the Combined Score by adding CSS and CoinGecko’s Trust Score equally weighted. Fig. 5 shows the distribution by Combined Score results.
Fig. 5. Distribution of Combined Score.
In the table 2 below one can find the list of Top-100 crypto exchanges by Combined Score.
| # | Exchange | CSS | CoinGecko Trust Score | CSS + GC |
| 1 | binance_us | 8,91 | 10 | 9,46 |
| 2 | kucoin | 8,65 | 10 | 9,33 |
| 3 | kraken | 8,56 | 10 | 9,28 |
| 4 | binance | 8,51 | 10 | 9,26 |
| 5 | coinbase | 8,46 | 10 | 9,23 |
| 6 | poloniex | 8,2 | 10 | 9,10 |
| 7 | bitflyer | 7,24 | 10 | 8,62 |
| 8 | gate | 7,82 | 9 | 8,41 |
| 9 | bithumb | 6,64 | 10 | 8,32 |
| 10 | coinone | 7,6 | 9 | 8,30 |
| 11 | bitfinex | 6,6 | 10 | 8,30 |
| 12 | huobi | 7,54 | 9 | 8,27 |
| 13 | ftx_spot | 7,5 | 9 | 8,25 |
| 14 | bittrex | 6,43 | 10 | 8,22 |
| 15 | gemini | 7,33 | 9 | 8,17 |
| 16 | bigone | 8,07 | 8 | 8,04 |
| 17 | probit | 7,54 | 8 | 7,77 |
| 18 | paribu | 7,52 | 8 | 7,76 |
| 19 | bitstamp | 5,35 | 10 | 7,68 |
| 20 | hitbtc | 8,31 | 7 | 7,66 |
| 21 | indodax | 8,26 | 7 | 7,63 |
| 22 | oceanex | 8,26 | 7 | 7,63 |
| 23 | tokenize | 7,2 | 8 | 7,60 |
| 24 | quoine | 7,18 | 8 | 7,59 |
| 25 | coindeal | 7,12 | 8 | 7,56 |
| 26 | bitbank | 6,07 | 9 | 7,54 |
| 27 | luno | 6,95 | 8 | 7,48 |
| 28 | btcmarkets | 6,95 | 8 | 7,48 |
| 29 | bitso | 6,92 | 8 | 7,46 |
| 30 | bitkub | 6,92 | 8 | 7,46 |
| 31 | coss | 6,89 | 8 | 7,45 |
| 32 | cex | 6,79 | 8 | 7,40 |
| 33 | floatsv | 6,69 | 8 | 7,35 |
| 34 | bitopro | 7,66 | 7 | 7,33 |
| 35 | max_maicoin | 6,64 | 8 | 7,32 |
| 36 | btc_alpha | 8,6 | 6 | 7,30 |
| 37 | bitsdaq | 7,59 | 7 | 7,30 |
| 38 | bitmax | 7,56 | 7 | 7,28 |
| 39 | bitlish | 7,39 | 7 | 7,20 |
| 40 | livecoin | 7,37 | 7 | 7,19 |
| 41 | upbit | 6,24 | 8 | 7,12 |
| 42 | cointiger | 7,12 | 7 | 7,06 |
| 43 | independent_reserve | 7,12 | 7 | 7,06 |
| 44 | bitpanda | 7,07 | 7 | 7,04 |
| 45 | bitbay | 7,07 | 7 | 7,04 |
| 46 | dsx | 7,05 | 7 | 7,03 |
| 47 | exmo | 6,04 | 8 | 7,02 |
| 48 | dcoin | 6,96 | 7 | 6,98 |
| 49 | hotbit | 6,93 | 7 | 6,97 |
| 50 | bithumb_global | 6,93 | 7 | 6,97 |
| 51 | eToroX | 6,9 | 7 | 6,95 |
| 52 | omgfin | 6,86 | 7 | 6,93 |
| 53 | kuna | 7,77 | 6 | 6,89 |
| 54 | okex_korea | 6,77 | 7 | 6,89 |
| 55 | bitexlive | 7,69 | 6 | 6,85 |
| 56 | gopax | 6,68 | 7 | 6,84 |
| 57 | bit_z | 8,66 | 5 | 6,83 |
| 58 | coinsbit | 6,64 | 7 | 6,82 |
| 59 | coinfloor | 7,54 | 6 | 6,77 |
| 60 | dragonex | 7,39 | 6 | 6,70 |
| 61 | therocktrading | 6,31 | 7 | 6,66 |
| 62 | digifinex | 6,3 | 7 | 6,65 |
| 63 | graviex | 7,26 | 6 | 6,63 |
| 64 | bw | 6,23 | 7 | 6,62 |
| 65 | zb | 6,21 | 7 | 6,61 |
| 66 | btse | 6,19 | 7 | 6,60 |
| 67 | p2pb2b | 7,17 | 6 | 6,59 |
| 68 | coinzo | 7,12 | 6 | 6,56 |
| 69 | bitforex | 7,07 | 6 | 6,54 |
| 70 | bkex | 6,05 | 7 | 6,53 |
| 71 | bankera | 6,97 | 6 | 6,49 |
| 72 | coinflex | 6,95 | 6 | 6,48 |
| 73 | ovex | 6,94 | 6 | 6,47 |
| 74 | coincheck | 5,91 | 7 | 6,46 |
| 75 | aex | 5,91 | 7 | 6,46 |
| 76 | itbit | 5,9 | 7 | 6,45 |
| 77 | coinsuper | 6,78 | 6 | 6,39 |
| 78 | qtrade | 7,77 | 5 | 6,39 |
| 79 | elitex | 6,77 | 6 | 6,39 |
| 80 | bilaxy | 8,76 | 4 | 6,38 |
| 81 | okex | 6,73 | 6 | 6,37 |
| 82 | bibox | 6,72 | 6 | 6,36 |
| 83 | bitsonic | 8,6 | 4 | 6,30 |
| 84 | eterbase | 6,53 | 6 | 6,27 |
| 85 | bhex | 7,48 | 5 | 6,24 |
| 86 | vebitcoin | 7,46 | 5 | 6,23 |
| 87 | bitmart | 6,46 | 6 | 6,23 |
| 88 | kkcoin | 7,45 | 5 | 6,23 |
| 89 | korbit | 6,4 | 6 | 6,20 |
| 90 | latoken | 6,38 | 6 | 6,19 |
| 91 | crex24 | 6,36 | 6 | 6,18 |
| 92 | okcoin | 6,31 | 6 | 6,16 |
| 93 | shortex | 6,14 | 6 | 6,07 |
| 94 | btcturk | 9,02 | 3 | 6,01 |
| 95 | txbit | 8 | 4 | 6,00 |
| 96 | bitstorage | 6,99 | 5 | 6,00 |
| 97 | Decoin | 6,99 | 5 | 6,00 |
| 98 | bvnex | 6,94 | 5 | 5,97 |
| 99 | zbg | 4,88 | 7 | 5,94 |
| 100 | lbank | 6,88 | 5 | 5,94 |
Table 2. Top-100 crypto exchanges by Combined Score
Conclusions
As apparent from CSS results only 8% of trading platforms scored favorably (8 points and higher) and over 29.2% of them received fair results (below 6 points). These figures are once more highlighting the need for cyber security enhancement in the industry.As an answer on a demand for complex versatile ranking of crypto exchanges CER integrated CSS and CoinGecko’s Trust Score. The Combined Score provides a more comprehensive and multifaceted rating of cryptocurrency trading platforms. We believe that the approach of combining different assessment methodologies will help users to better evaluate the grade of crypto exchanges. Exchanges representatives can get details about their exchange rating by leaving a request in our contact form.
Subscribe
to our
newsletter
Be the first to receive our latest company updates, Web3 security insights, and exclusive content curated for the blockchain enthusiasts.
Tell us about your project
Read next:
More related
Test Your Solidity and EVM Skills: Solve CTF Challenge (Full Walkthrough)10 min read
Insights