Is CoinSpot Safe?

CoinSpot is one of the most popular cryptocurrency exchanges in Australia. The platform features several products, allowing users to buy, sell, and swap crypto at competitive fees.

However, as with all things crypto-related, it is crucial to consider – is CoinSpot safe?

In this guide, we assess the regulatory status and the security measures of CoinSpot to decide whether this platform is safe for making cryptocurrency investments.

Cryptoassets are a highly volatile unregulated investment product. No UK or EU investor protection.

CoinSpot Regulation & Licenses

As a crypto exchange, CoinSpot operates only in Australia. However, the platform is not licensed by ASIC – the national corporate regulator for financial services. 

Nevertheless, CoinSpot upholds a high level of security and has obtained certifications from other prominent governing bodies.

AUSTRAC

In 2018, CoinSpot received approval from AUSTRAC to provide digital currency exchange services in Australia. AUSTRAC – or the Australian Transaction Reports and Analysis Centre, is a government agency responsible for monitoring financial transactions to identify threats such as tax evasion, money laundering, and fraud. 

With its registration with AUSTRAC, CoinSpot is required to meet several requirements – such as:

• Have a KYC procedure in place to identify and verify the identities of customers.
• Adopting and maintaining an anti-money-laundering program.
• Reporting any suspicious matters or transactions of 10,000 AUD or more to AUSTRAC. 

By registering with AUSTRAC, CoinSpot has taken a big step to help protect Australia’s financial system from criminal abuse and keep its community safe. 

If you wish to compare this platform against other popular AUSTRC-registered crypto providers, you can read our Swyftx vs CoinSpot comparison here.

Certification from Blockchain Australia 

Blockchain Australia is a network for businesses providing services related to the crypto industry. This is a highly respected organization in Australia that a code of conduct in place to promote best practices within the fintech space. 

CoinSpot is a certified member of Blockchain Australia and as such has to abide by the appropriate regulatory and policy settings. This includes implementing the best-practice standards in legal compliance, reputation, AML/CTF, and consumer protection.

ISO 27001 Certification

The ISO 27001 standard is a framework that serves as a guideline for organizations to manage the information and data of their consumers.

In order to obtain an ISO 27001 certification, platforms have to go through a thorough audit and inspection. CoinSpot was awarded this certification in 2020, after completing an external audit undertaken by the SCI Qual International. 

SCI Qual conducted an in-depth investigation into CoinSpot’s security management processes and practices, including digital asset storage, user data maintenance, intellectual property storage, and such.

Moreover, as we noted above, CoinSpot was the first Australian exchange to receive the ISO 27001 certification.

CoinSpot User Protection & Compensation

At the moment, CoinSpot does not offer any insurance in the event of the loss of cryptocurrencies from its platform. For instance, if CoinSpot was to become insolvent, users might not be repaid in full.

And moreover, consumers will not be eligible to claim their funds via the Financial Claims Scheme set up by the Australian government. 

However, this is not necessarily a cause for concern. The exchange has taken sufficient measures and has stringent policies in place to eliminate unauthorized access to user accounts.

Moreover, it also encourages its users to take advantage of the customizable security features available on the platform – which we discuss in the next section. 

How CoinSpot Protects Your Account

CoinSpot is transparent when it comes to the security offered to its customers. The platform has designed a number of ways for its customers to protect their accounts when using the exchange.

That being said, it is also crucial to understand that it is the customers’ responsibility to enforce some of these precautionary measures to safeguard their funds. 

Account Verification 

When signing up as a new user, CoinSpot requires all its customers to complete an account verification process. This is in compliance with AUSTRAC AML guidelines.

To do this, users can submit a digital copy of a proof-of-identity document.

Here is a list of the accepted documents:

• Australian driver’s license or learner’s permit
• Passport
• Photo ID card
• Medicare card
• ImmiCard
• Firearms license

Users are also required to verify and confirm their mobile phone number. CoinSpot will instantly display an on-screen notification of the verification status of the user.

Aside from this, CoinSpot might also ask users to submit an authorization photo from time to time. This requires users to upload a photo with their verified ID in hand.

2FA

Two-factor authentication (2FA) is a process in which users provide two different factors to verify themselves.

Put simply, instead of merely using an email address and password to sign in to CoinSpot, users will also have to utilize an additional log-in credential.

This credential can be in the form of a one-time password that is sent to a registered device. 

To set up 2FA on CoinSpot, users can take the following steps:

• Navigate to the account section of the CoinSpot profile, and click on ‘Settings’. 
• Locate and enable two-factor authentication – this will generate a QR code.
• Download and open the Google Authenticator app on a trusted mobile device.
• Scan the QR code via the Google Authenticator app.
• This will generate a 6-digit token, which has to be entered into the CoinSpot 2FA page.

These passcodes are generated every 30 seconds.

Once 2FA is enabled – every time a user attempts to log in to their CoinSpot account, they will have to enter this randomly generated passcode. 

Geo-Lock Logins

This feature allows users to restrict logins only to Australia and block any attempts for international access. Customers can find this option under the security tab in the account settings of their profile.

If users are planning to travel overseas, it is also possible to disable the geo-lock option using the 2FA token.

That being said, in the event that users are already overseas and find it impossible to disable geo-lock, CoinSpot facilitates account recovery by verifying an authorization photo.

Digital Asset Removal Policy 

Apart from the above-mentioned tools, CoinSpot goes the extra mile to ensure that all crypto projects listed on its platform are compliant with regulatory guidelines.

The provider has devised criteria to consider the authenticity of projects and if there are doubts, the token will be delisted.

In this case, CoinSpot provides significant notice about the delisting so that customers have sufficient time to withdraw their assets.

Put otherwise, users can be sure that CoinSpot regularly surveys the supported cryptocurrencies to make sure that customers gain access only to legitimate tokens.

Phone Verification Phrase

Phishing attempts are becoming more prevalent in the crypto space. One of the most common ways scammers get access to OTP is through phone calls, presenting themselves as an agent from the platform.

To help fight phishing attempts, CoinSpot allows its users to add a custom word or phrase to their account. This phrase will be accessible only to customer support agents working with CoinSpot.

So, for instance, if a user gets a call claiming to be from CoinSpot, they can request the caller to repeat this unique code.

This allows customers to determine the legitimacy of the phone call and if they are speaking to a CoinSpot support member.

Moreover, it is important to remember that customers should never share their password or 2FA code with anyone, including customer support agents.

Is the CoinSpot Crypto Wallet Secure?

Similar to other well-known crypto exchanges, CoinSpot offers a wallet that helps users store digital and fiat currencies. CoinSpot’s wallet could easily rank among the top crypto wallets in Australia, as it enables users to monitor their account balances and buy, sell, or exchange digital assets.

However, the CoinSpot crypto wallet is not a separate app – but is instead integrated into the platform and serves as a custodial storage option for digital assets.

This means that CoinSpot will have access to the wallet’s private keys. As such, in the event users lose or forget their password, they can recover access to their assets by contacting the CoinSpot support team.

CoinSpot has also made it clear that the majority of digital assets are not stored on the platform, but in cold wallets.  However, it isn’t clear what percentage of cryptocurrencies is moved offline or to which facility. 

The platform has also taken additional steps to help users boost the safety of their wallets – which are as follows. 

2FA

Two-factor authentication can also be extended to the CoinSpot mobile wallet. As we discussed above, this requires users to enter a randomly generated passcode to gain access to their accounts.

Biometric Login

If using the CoinSpot mobile app to access the wallet, users can also set up biometric login.

This can be done using face-ID, or a fingerprint scan on both iOS and Android devices.

Account-Wide Withdrawal Bans

Users can also contact the team to enable withdrawal bans to ensure that scammers cannot access the assets stored in their wallets.

Are Payments Secure on CoinSpot?

CoinSpot is considered one of the best crypto exchanges in Australia because it lets users buy cryptocurrencies using AUD.

To facilitate fiat payments, CoinSpot has partnered with the following providers:

• PayID
• POLi deposits
• BPAY
• Direct deposits
• Blueshyft cash deposit

All these third-party providers are highly reputable and facilitate the secure transfer of funds.

Is CoinSpot a Listed Company?

CoinSpot is owned, operated, and controlled by Casey Block Services Pty Ltd. This is an Australian proprietary company, based out of Windsor. 

Although a well-established firm, Casey Block Services is not publicly listed at the time of writing. 

How Many People Use CoinSpot?

CoinSpot claims to have over two million users in Australia.

While this might not seem like a significant number when compared to global exchanges like eToro or Coinbase, it is important to consider that CoinSpot caters only to the Australian market.

In that regard, the platform has managed to attract a notable number of domestic users to its platform. Moreover, this number is growing every day, as the platform continues to add more features and extends support for more cryptocurrencies.

CoinSpot Customer Service & Contact

CoinSpot presents its users with two ways to contact its customer support team.

Customers can start a conversation with a specialist via the live chat feature of the platform.

This option is available during the following operating hours:

• 9 am – 8 pm AEDT on Monday to Friday
• 9 am – 5 pm AEDT on Saturday and Sunday

The usual turnaround time for a response is five minutes. 

Alternatively, users can also submit a request via Zendesk to contact the customer service team 24/7. CoinSpot also lets its users seek assistance by sending a direct email to [email protected]. 

How to Keep Safe When Trading with CoinSpot

As we have discussed, CoinSpot offers an assortment of security features for users to safeguard their accounts.

That being said, it is ultimately the consumer’s responsibility to take the necessary steps to protect their data and funds. 

When using CoinSpot, consumers can and should execute the following measures:

• Use a unique email address and password – The platform recommends allocating an email address specifically for the CoinSpot account and generating a complex password.
• Activate 2FA – Enable 2FA and biometric verification for accessing the CoinSpot account.
• Move cryptocurrencies to a secure wallet – Those planning to hold cryptocurrencies for the long term should consider moving their assets to a private, non-custodial or physical wallet for added security.
• Use anti-phishing code – CoinSpot offers multiple ways of verifying phone calls, and it is recommended to take advantage of the anti-phishing code to avoid scams.

Above all, users should also educate themselves about common scams in the crypto space.

CoinSpot has worked hard to inform users about various scams and phishing attacks. Users can also use the guides to understand how to make safe investments, crypto tax in Australia, and the best trading strategies. We encourage all users to read these guides to make sure they take the right steps to protect their funds and information.

Is CoinSpot the Best and Safest Crypto Exchange?

As our guide has detailed, CoinSpot indeed is safe and has invested heavily in the security of its user accounts. Nonetheless, CoinSpot has a notable shortcoming – the platform is not regulated by ASIC. 

• The Australian Securities and Investments Commission (ASIC) is an independent body set up to regulate financial services in the country.
• This governing body ensures that all financial service providers follow the guidelines that are designed to protect consumers, investors, and creditors.
• Put simply, brokers that are regulated by ASIC are required to treat their consumers fairly and provide sufficient transparency. 

Needless to say, choosing a crypto broker licensed by ASIC might be the right move for the security of assets.

If looking for an ASIC-licensed platform, the best option to consider would be eToro. This global trading platform boasts a customer base of over 25 million users and operates in more than 100 countries. 

Whether it is to buy Bitcoin or other digital currencies, eToro presents users with an incredibly user-friendly interface. Furthermore, it also supports dozens of crypto-to-fiat, and crypto-to-crypto pairs for trading, and provides access to price charts and market research tools.

eToro can also be used to gain access to stocks, ETFs, metals, agricultural commodities, and the forex market. Users based in Australia can get started on eToro by depositing fiat money into their accounts. eToro only charges a 0.5% conversion fee for processing payments in AUD.

Furthermore, users can engage in cryptocurrency trading at a flat fee of just 1% – which includes the spread.

eToro also lets users fund their accounts with credit/debit cards and e-wallets such as Paypal – a feature that is unavailable on CoinSpot. Aside from this, the platform also accepts payments via bank transfers and POLi. In addition to this, eToro also has a Copy Trading tool, which allows users to mirror the investments of other traders.

Like CoinSpot’s crypto bundles, eToro also lets users diversify their investments easily via Smart Portfolios. For beginners, this platform has also set up access to demo trading accounts. Finally, eToro is also regulated by the SEC in the US, FCA in the UK, and by CySEC in Cyprus.

Cryptoassets are a highly volatile unregulated investment product. 

Is CoinSpot Safe? – The Verdict 

CoinSpot has built a solid reputation in the Australian crypto industry. It is registered with AUSTRAC and has implemented several security criteria for the protection of user accounts.

Moreover, it also gives customers control over their data by utilizing customizable safety measures. So, in conclusion – is CoinSpot Legit? – Yes.

However, the platform is not regulated by ASIC, and as such, investors might prefer eToro.com as the safer alternative.

This social trading platform is licensed by multiple top-tier financial authorities and supports not only low-cost crypto markets Copy Trading tools, but also stocks, ETFs, and commodities.

Cryptoassets are a highly volatile unregulated investment product. 

FAQs