Are Physical Bitcoins Busted?

August 30, 2013

Casascius coins have been hacked

Early this month at the annual DEFCON convention, something unsettling occurred.  DEFCON is an annual meeting of the minds at which the best and the brightest in the world of programming and IT come together.  The focus of the convention is to discuss the state-of-the-art in technological security and vulnerability.  DEFCON has often been a proving ground of sorts for tech products claiming to be secure or, even more boldly,”hacker-proof”.  At this year’s conference one system that came under scrutiny was the much loved Physcial Bitcoin.

In their attempts to break the security of the Casascius Physical Bitcoin, two white-hat hackers used a tried and true method to release the security seal on the back of the coins and reveal the hidden redemption code underneath.  You can read about their methods HERE.  In summary, they succeeded at obtaining the redemption codes and replacing the sticker with almost no visible evidence left behind on the “compromised” coins.  What does this mean for your Titan Bitcoins?

Fortunately, for Titan Bitcoin owners, there’s nothing to worry about.  The creators of the Titan Bitcoin saw this one coming from a mile away.  That is exactly why Titan Bitcoins have a two-factor authentication system which requires an email address and password to redeem our coins.  Even if you buy Titan Bitcoins from a third-party who had criminal intent to steal the value of your physcial bitcoins after the transactions was completed, you’re safe.  As long your coins are registered to an email address that only you have access to, you are impervious to the kind of security breach that was demonstrated at this tears DEFCON.  This highlights yet another reason why its important when buying Titan Bitcoins to follow our guidelines on Buying and Selling Titans.  To re-iterate the main points:

1. Scan the coin’s barcode, or punch in its ID at our Verify page, to check the coin’s current value.

2. Make sure the seller gives you the Coin’s current registration info.

3. Change the coin’s registration info as soon as you have paid for it.

4. Keep that email and password SAFE!


Following these steps will ensure that your coins’ value is safe and ready to be redeemed any time you need it.   While it’s likely to be frustrating for owners of the Casascius bitcoins that they were shown to be so vulnerable, we applaud the founder of Casascius, Mike Caldwell, for quickly implementing his own 2-factor authentication system that is offered as an added option now on his website.  If there’s one thing that’s clear from this security breach, its that the main players in the “bitcoin game” are operating at the cutting edge of security and technology.

At the Titan Mint, we stake our reputation on the security of our physical bitcoins.  We welcome any feedback you have on how we can improve this process.  Leave us a comment below and let us know what you think.