Security Concern Regarding Recommended Coinbase API Integration

nMtIMflQ8aANciEpkFpu
edited February 23 in Feedback

I'd like to raise a concern about a critical issue pertaining to the security recommendations made by your support team about integrating Coinbase's API. After speaking with your support team in regard to how I can integrate Coinbase into your services, they recommended granting ALL permissions for the API token. This approach poses a substantial security threat and could have far-reaching consequences for your users.

By allowing full access, the generated token would have the capability to send and receive currency from a user's wallet. This is not just a minor oversight but a significant vulnerability that exposes users to heightened risks. These risks include, but are not limited to:

  1. Potential Quicken Data Breach: In the event of a security breach at Quicken, these tokens could be exploited, leading to unauthorized transactions.
  2. Internal Threats: The possibility of a rogue developer within Quicken misusing these tokens cannot be overlooked.
  3. Compromise of API Key within Coinbase: If the API key is compromised on Coinbase’s end, it would directly impact the security of the user's funds.
  4. Risks with Private Wallets: Users who store credentials in private wallets are also at risk if these credentials are not adequately protected.

This advice not only endangers the financial security of your users but also puts Quicken Simplifi in a precarious legal and ethical position. The potential for financial loss and violation of trust is immense, and the ramifications could be severe.

I strongly urge your upper management and legal team to review this recommendation immediately. It is imperative to consider a more secure approach that limits permissions to only what is absolutely necessary for the functionality of the integration. The current recommendation undermines the trust that your customers place in your platform and jeopardizes their financial security.

As a concerned user, I hope you will take immediate action to address this issue and implement more stringent security measures to protect your customers and your company.

Comments

  • Coach Natalie (Administrator, Moderator)

    @nMtIMflQ8aANciEpkFpu, thanks for posting your feedback to the Community!

    Although I'm not too familiar with API Keys or the security risk that could come from a recommendation like this, I have forwarded your feedback along to the appropriate parties so they can take a closer look.

    When it comes to connecting to your banks in Quicken Simplifi, however, your data is very secure. No person at Quicken or with our aggregation service provider can access your online banking credentials, as these are all encrypted and stored on servers that use state-of-the-art security measures.

    https://help.simplifimoney.com/en/articles/5687989-how-does-quicken-simplifi-connect-to-my-bank

    https://help.simplifimoney.com/en/articles/3363727-quicken-simplifi-subscription-questions?q=secur

    With that, were you able to resolve the issue of connecting to Coinbase in Quicken Simplifi? I see that an escalation was submitted for a 108 error, and it appears that the suggested steps came from our service provider. Were you able to give the steps a try, or was there perhaps a misunderstanding of what was being asked of you?

    Or are you using a Coinbase Pro account, which appears to not currently be supported?

    Please let us know so we can best assist!

    -Coach Natalie

  • I was unable to resolve my issues with connecting Coinbase because the suggested method of connection puts my funds at risk of theft. The only reasonable method of connecting to Coinbase's API is through limited permissions that allow read-only access; and under no circumstance should someone connect a 3rd party with the ability to send and receive cryptocurrency in an account.

    Encryption, while a robust security measure, is not impervious to decryption methods; the methods of decryption are likely familiar to a segment of your engineering team. While the risk posed by potential decryption is relatively low, it is not negligible. A more pressing concern lies in the realm of cyber threats, specifically hacking and data breaches. These risks are exacerbated when considering the interconnectedness of your systems with Coinbase and customer use of password managers for storing API keys. Such a configuration could create vulnerabilities, offering points of entry for unauthorized access and potentially leading to significant security breaches.

    An optimal solution would involve your team developing a comprehensive list of specific read-only permissions necessary for successful integration with Coinbase. My attempts to enable all read-only permissions have been unsuccessful, indicating a disconnect in the integration process. With 34 unique permissions that can be selected within Coinbase, this allows for 17,179,869,184 possible unique permissions that could be selected; which I don't have the time to troubleshoot and guess which ones your service requires.

  • Checking in, since I haven't heard back. I am not using Coinbase Pro. My account is fully compatible with your advertised support. Do you have a resolution or should I seek a refund and a new provider to monitor my finances?

  • Coach Natalie (Administrator, Moderator)

    @nMtIMflQ8aANciEpkFpu, I apologize for the lack of response; it wasn't clear that you were still looking for assistance with this.

    If the issue you experienced was a 108 error, since this was already escalated, I'd say that if you don't want to follow their recommendation there is most likely nothing further that can be done from our end. If you'd like to start all over with troubleshooting the issue here in the Community, we can certainly do so, but we won't be able to submit another escalation or anything along those lines. The response on the escalation came from our service provider, and they'd be the ones to know what needs to be done.

    Otherwise, you are welcome to create an Idea post requesting a change to the connection with Coinbase, such as what you mentioned above with read-only permissions, so other users can vote on it and our product team can review it.

    Sorry for not having better news for you!

    -Coach Natalie

  • Your proposed resolution contradicts all established best practices in security, particularly the principle of least privilege. Given the potential risks this poses to the security of my Coinbase account, I've decided to terminate my account with you and seek a service with a more robust approach to security and risk management. It's quite hard to even fathom that the recommended suggestion here is to reiterate this as an option.

    Additionally, I am not inclined to participate in a 'voting system' for feature requests in hopes this is resolved, especially on issues that are critical from a technical perspective. It is imperative that your company protects customers who may not have a technical background to understand the significance of these security concerns. As a service provider, it is your fundamental obligation to ensure customer protection. Neglecting these security measures is tantamount to knowingly compromising the safety of your users.

This discussion has been closed.
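The thread asks for a documented list of read-only permissions instead of an all-permissions key. The following is an added example, not code from Quicken, Coinbase, or any poster, showing how a key's granted scopes can be audited against such a list. The scope strings, the `REQUIRED` list, and the function names are assumptions constructed for illustration.

```python
"""Least-privilege audit of an API key's granted scopes (added example)."""

# Actions treated as read-only. Any other action is assumed able to change
# state or move funds, so unknown actions fail closed.
READ_ONLY_ACTIONS = {"read"}


def classify(scope):
    """Return 'read' or 'write' for a scope in 'namespace:resource:action' form."""
    parts = scope.strip().lower().split(":")
    if len(parts) < 3 or not all(parts):
        return "write"  # malformed or incomplete scope: treat as high risk
    return "read" if parts[-1] in READ_ONLY_ACTIONS else "write"


def audit_scopes(granted, required):
    """Compare the scopes on a key with the documented required set."""
    granted_set = {s.strip().lower() for s in granted}
    required_set = {s.strip().lower() for s in required}
    write_capable = sorted(s for s in granted_set if classify(s) == "write")
    return {
        "missing": sorted(required_set - granted_set),  # integration would fail
        "excess": sorted(granted_set - required_set),   # more than needed
        "write_capable": write_capable,                 # can change or move funds
        "ok": granted_set == required_set and not write_capable,
    }


# Constructed sample data: a hypothetical read-only list an aggregator could
# publish, and two keys a user might create.
REQUIRED = ["wallet:accounts:read", "wallet:transactions:read"]
ALL_PERMISSIONS_KEY = REQUIRED + [
    "wallet:transactions:send",
    "wallet:withdrawals:create",
]
READ_ONLY_KEY = list(REQUIRED)

if __name__ == "__main__":
    for name, key in (("all-permissions", ALL_PERMISSIONS_KEY),
                      ("read-only", READ_ONLY_KEY)):
        print(name, audit_scopes(key, REQUIRED))
```

With a published required list, the check is a set comparison rather than a search over every combination of the 34 permissions mentioned above.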