What's the most secure crypto wallet?

Before you can buy crypto, you’ll need a crypto wallet. But with so many options—hardware vs. software, custodial vs. non-custodial—it can be hard to know where to begin. The type of crypto wallet you use will depend on your needs and preferences—but whichever you choose, security should be your top priority.

In this article, we’ll discuss some important security considerations with each type of crypto wallet.

Understanding custodial and non-custodial crypto wallets: pros and cons

Your first decision when choosing a crypto wallet will be between a custodial and non-custodial wallet. This major distinction is centered on your wallet’s private keys—and who controls them. Similar to a bank card PIN, your private key is like a unique alphanumeric password that allows you to spend or send cryptocurrency out of your wallet.

How custodial crypto wallets work: advantages and risks

With a custodial wallet, your wallet’s private keys are under the care of a central authority (much like a traditional bank account). Most often, that’s a centralized crypto exchange (CEX). In this case, the CEX holds your private keys and is responsible for securing the funds in your wallet.

The security benefits of using a custodial wallet include:

  • You don’t need to personally secure and manage your private keys (or recovery phrase)
  • CEXs may offer some bank-style protections and—occasionally—some form of insurance

The security disadvantages of using a custodial wallet include:

  • You need to trust a custodian (usually a CEX) to secure and manage your private keys
  • You must trust that a CEX won’t go bankrupt, or otherwise lose or misuse your assets

How non-custodial crypto wallets work: advantages and risks

On the other hand, non-custodial wallets give you complete control of your private keys—shifting the responsibility of securing your crypto from a CEX to yourself.

The security benefits of using a non-custodial wallet include:

  • You retain complete control over the assets in your wallet
  • You don’t need to trust a CEX with your private keys (but you do need to trust your wallet provider and the software or hardware you use)

The main security disadvantage of using a non-custodial wallet is:

  • You’re solely responsible for securing your wallet’s private keys (or recovery phrase) from loss and theft

When it comes to custodial and non-custodial wallets, there’s a tradeoff between trust and responsibility. Custodial options require much less personal responsibility, but you’ll need to trust a CEX. Non-custodial options don’t entail trusting a CEX, but you’ll take on much more personal responsibility.

Learn more about the distinction between custodial and non-custodial wallets—and the benefits of each—in our deep dive on crypto custody.

Comparing hardware and software wallets: features and security

The next major distinction between crypto wallets is hardware versus software. The key difference between these types of wallets is how you access them and how they access the Internet. Note that hardware wallets are always non-custodial, but software wallets come in both custodial and non-custodial varieties.

Security considerations for software wallets

There are a wide variety of software wallets—essentially programs that are available for devices like your computer, phone, or Web browser. Software wallets can come as desktop or mobile apps, browser extensions, or as Web apps that you access through a website (like a CEX-hosted crypto wallet). Brave even makes a browser-native crypto wallet (Brave Wallet) that’s built right into the Brave browser, requiring no additional downloads.

Software wallets are considered “hot” wallets because they’re installed on devices that are almost always connected to the Internet, which might make your private keys more vulnerable to hacking attempts.

In addition to this main security concern, the different types of software wallets have their own security considerations, such as:

  • Browser-native wallets: Generally considered the most secure and don’t require additional downloads. Main risks include trusting and relying on the browser for security features.
  • Desktop wallets: Might be considered more secure than mobile apps because desktops are less portable and less frequently connected to the Internet. Main risks include trusting the wallet provider, and being sure to download and use the correct version of the app.
  • Mobile wallets: Similar to desktop wallet apps, but on mobile. (Note that many CEX-hosted custodial wallets also make mobile apps.) Main risks include being frequently connected to the Internet, being highly portable which may increase the chance of loss or theft, and ensuring you’re using authentic apps.
  • Web-based wallets: Almost always custodial CEX-hosted wallets accessed via a website. Main risks include verifying you’re accessing the real website, and avoiding scams like phishing attempts.
  • Extension wallets: Available as extensions for popular Web browsers. Main risks include verifying the authenticity of extensions (i.e. avoiding “spoofing”) and trusting the extension provider, because extensions often require broad-reaching permissions over your browser.

Security considerations for hardware wallets

Hardware wallets differ from their software counterparts by storing your private keys on a physical device—similar to a flash drive—that syncs with your computer or mobile device through a USB or Bluetooth connection. Hardware wallets are always non-custodial; they store your private keys on the device itself.

Although hardware wallets must connect to the Internet to broadcast a transaction, private key transaction signing happens offline. As a result, the private keys are never visible online. When hardware wallets aren’t in use, they don’t have an Internet connection, which is why they’re also known as “cold” wallets. For this reason, even a malware-infected computer or mobile device can’t access your funds when stored in a non-custodial hardware wallet. Many people use hardware wallets for long-term storage of larger amounts of crypto that they don’t need frequent access to.

The main security benefits of using a hardware wallet include:

  • Your private keys are stored offline
  • Most reputable hardware wallet providers have robust anti-fraud security measures to verify the authenticity of a device

The security disadvantages of using a non-custodial wallet include:

  • You’re solely responsible for securing your hardware wallet (and its recovery phrase) from loss and theft
  • Attackers may try to scam users with fake or fraudulent hardware wallets

What’s the best crypto wallet for you?

This guide considers the most important security considerations involved with choosing a crypto wallet. While security is the single most important factor when it comes to storing crypto in a wallet, you’ll ultimately want to evaluate a wallet’s security alongside its features and functionality, ease of use, and other factors.

Keep in mind that many people use a combination of different crypto wallets for different purposes, like a software wallet for everyday use, and a hardware wallet for long-term storage.

The highly secure, browser-native Brave Wallet is a good option for those looking for the best of both worlds. It’s built right into the Brave browser and connected to the Internet for quick access, and you can use it to manage your hardware wallets for more secure crypto storage. Try Brave Wallet today.

Related articles

How to set up a self-custody crypto wallet

When it comes to crypto wallets, the two main options are custodial and non-custodial (aka “self-custody”). The difference comes down to private keys. In this primer, we'll discuss the pros and cons of each type, and explain how to set up a self-custody crypto wallet.

Read this article →

Ready for a better Internet?

Brave’s easy-to-use browser blocks ads by default, making the Web cleaner, faster, and safer for people all over the world.

close
close

Almost there…

You’re just 60 seconds away from the best privacy online

If your download didn’t start automatically, .

  1. Download Brave

    Click “Save” in the window that pops up, and wait for the download to complete.

    Wait for the download to complete (you may need to click “Save” in a window that pops up).

  2. Run the installer

    Click the downloaded file at the bottom left of your screen, and follow the instructions to install Brave.

    Click the downloaded file at the top right of your screen, and follow the instructions to install Brave.

    Click the downloaded file, and follow the instructions to install Brave.

  3. Import settings

    During setup, import bookmarks, extensions, & passwords from your old browser.

Need help?

Get better privacy. Everywhere!

Download Brave mobile for privacy on the go.

Download QR code
Brave logo Click this file to install Brave
Click this file to install Brave Brave logo