Trust Score Algorithm Update: Incorporating Hacken’s CyberSecurity Score

trust-score-hacken

The crypto industry struggles with the growing issue of wash-trading and falsified volumes amongst cryptocurrency exchanges. Our hypothesis is that exchanges are manipulating trading volumes to show the world (falsely) that they are the biggest exchanges in the world. 

We required a way to tell exchanges’ real liquidity beyond just trading volume, and with that in mind, we launched Trust Score on CoinGecko in May 2019.  We became the first major crypto data aggregator to have a comprehensive exchange ranking methodology beyond just trading volume.

Fast forward one year to today, Trust Score now has major implications for the crypto industry as many of the players have followed suit and gradually adopted liquidity-centric measurements on their site. Here’s how Trust Score impacted exchange rankings:

Trust Score is an algorithm designed to include the multiple facets of what an actively cryptocurrency exchange should have – liquidity, trading activity, scale, technical expertise and more. In 2019, we rolled out Trust Score in two separate releases:

• Trust Score (May 2019) – ranks trading pairs based on web traffic, liquidity & trading activity related metrics.

• Trust Score 2.0 (Sep 2019) – ranks exchanges based on web traffic, liquidity, scale & API coverage.

Today, we will be committing another update to the Trust Score.

Adding CyberSecurity Metrics into the Mix

“Any metric that gets measured will eventually be manipulated”

We publicly disclose all of our methodologies for Trust Score (1, 2) in favor of transparency, and that made it possible for certain unscrupulous players to game it. We won’t stop being transparent about our methodologies, and that means we will need to continue to be one step ahead in our quest to bring actionable insights when it comes to exchange market data.

Trust Score needed to be made more robust and cybersecurity was the metric of choice for it. Cybersecurity is something that we felt would benefit everyone in the space – from retail users to institutional investors, and even for the exchanges themselves. 

Crypto exchanges today are quite literally websites that hold millions (or billions) of dollars of user funds, making them prime targets for hackers. Without the right cybersecurity practices, they will be prone to hacks or exploits resulting in loss of user funds. There is absolutely no point in using an exchange that has the best order-matching engine if it cannot ensure that funds are safe. 

Cybersecurity has far-reaching implications for the entire crypto industry. When done right, everyone benefits from an industry that matures and becomes safer. It is not something to be taken lightly, and we believe only a team that possesses the necessary expertise and experience to evaluate cybersecurity can be up for the task.

Hacken for CyberSecurity

Today we’re proud to announce that we have found the right partner – Hacken, to work on this initiative together to increase user awareness on the need for exchanges to improve their cybersecurity practices. 

Hacken is a cybersecurity firm established in Estonia that has been proactively tracking exchanges cybersecurity practices in the past 2 years through their work at CER.live. In particular, we looked at the CyberSecurity Scores for crypto exchanges as evaluated by the Hacken team. There are three main categories which were evaluated:

  1. Product & Infrastructure – This covers how well an exchanges’ frontend & web services are set up against external facing threats. Evaluates availability of features such as Server Security, DNS SEC, Firewalls, Spam Protection and more.
  1. User Accounts – This evaluates the ability of an exchange to protect its users against external threats, such as enforcement of 2-factor authentication (2FA), Password Policies, Captcha, Phishing protection and more.
  1. Others – No less important than the above – Hacken also considers any previous hack cases & the availability of bug bounty programmes which can help crowdsource vulnerability disclosures in a responsible and controlled manner.

To find out more about the methodology behind CER.live, see their blog post here.

Trust Score Weightage with CyberSecurity:

With the introduction of Cybersecurity, Trust Score is now evaluated based on Liquidity, CyberSecurity, API coverage & Scale metrics on a scale of 0 – 10.

Liquidity (5 of 10) – Exchanges are one of the liquidity hubs of the crypto ecosystem, moving billions of US dollars equivalent in user funds on a daily basis worldwide. Having actual liquidity remains as one of the most important criterias of evaluation. 

CyberSecurity (2 out of 10) – Tying in with the fact that crypto exchanges have substantial monetary holdings, their ability to maintain a secure operational environment then becomes a very important evaluation criteria.

API Coverage (2 out of 10) – API measures technical coverage, as well as data availability which are also important factors to consider for transparency purposes throughout the evaluation process.

Scale (1 out of 10) – Scale is a statistical analysis that measures and compares the trading volume & order book depth of among exchanges.

What’s Next?

We are constantly monitoring the performance of Trust Score and with the help of much constructive feedback from our community, we are confident that Trust Score will continue to evolve into a more robust ranking algorithm.

Trust Score was a major step for us in providing neutral and impartial data. It also represented a major shift in how evaluation can be done for crypto as a whole. We are excited to continue this journey and hopefully it will also help you as a user on CoinGecko to make better informed decisions!

The space demands transparency and here at CoinGecko we remain committed to it. Expect to see more metrics analysed and included in the future as we continue to work hard to bring you actionable insights throughout our website in a transparent manner!

If you have any opinion or feedback, do get in touch with us on Twitter, Telegram, Discord or Email us at hello@coingecko.com.

Share on twitter
Twitter
Share on telegram
Telegram
Share on facebook
Facebook
Share on linkedin
LinkedIn
Share on email
Email

3 thoughts on “Trust Score Algorithm Update: Incorporating Hacken’s CyberSecurity Score”

  1. Tanjid Ahmed

    This is the most important feature in exchange ranking and makes coingecko different from others. Hope coingecko will update their system day by day and tell themselves who run shitty exchange still managed to rank high on other platform that people aren’t fool like you. Thanks COINGECKO for this awesome feature.

Leave a Comment

Your email address will not be published. Required fields are marked *