Login | Register

Coinbase online payment system

Coinbase
https://coinbase.com/

Updated on October 11, 2012
Views: 5612 | Clicks: 269


Website Screenshot



General Information

 

 

Glyphicons_055_stopwatch
Instant Payments

Payments arrive at the speed of an email (just a few seconds) and are confirmed within the hour. No more waiting three business days for checks.

Glyphicons_037_credit
Low Transaction Fees

Coinbase charges just 0.5% when you buy or sell bitcoin via bank account transfer. After that all bitcoin-to-bitcoin transactions are free.

Glyphicons_163_iphone
Pay By Phone

Our website works great on modern smartphones (iPhone, Android, etc). Just visit coinbase.com from your mobile browser.

 

Glyphicons_263_bank
Simple Transfers

Use your bank account to purchase bitcoins. Transactions are processed within two to three business days. (coming soon)

Glyphicons_280_settings
Merchant Tools

Easily create "buy now" or donate buttons. We also offer full shopping cart integration. (coming soon)

Glyphicons_040_stats
Widespread Adoption

About $2 million a day (USD) is already being transacted in bitcoin. It's quickly becoming an international currency.

Currencies

Bitcoin

Countries of use

USA

Users

private and business

Fees

0.5% when you buy or sell bitcoin via bank account transfer

Recent news

Posted on July 20, 2018
Updating the Coinbase Bug Bounty Program

Coinbase is the most trusted place to buy, sell, and manage cryptocurrency. The protection and security of our customers’ identities and funds is our top priority. We’re constantly making improvements to our security posture, including ongoing updates to our HackerOne Bug Bounty Program.

We’ve come a long way from our first program at the start of the company when we were paying bounties in bitcoin from coinbase.com/whitehat, to our initial move to the HackerOne platform in October 2014, and our most recent update to our program last fall. This update is our fourth major iteration, and it includes:

  • Changed report evaluation from mechanism-driven to severity-driven
  • Expanded (quite considerably) the legal assurances we provide to security researchers engaging with our program
  • Increased bounty payouts

Severity-Driven Report Evaluation

This update provides a new methodology and greater level of detail on how we evaluate reports. We hope that this can provide a repeatable, fair, transparent, and published reasoning for determining bounties.

We have changed our assessment methodology to move from being mechanism driven (e.g., XSS or CSRF) to being severity driven (e.g., improper access to sensitive information or ability to manipulate account balance). This change aligns the size of our bounties to the potential consequences that an unaddressed security vulnerability could have on Coinbase and our customers.

The change is described in length in our HackerOne Bug Bounty Program, so we only provide a brief summary here.

Coinbase awards bounties based on severity of the vulnerability. We determine severity based on two factors: Impact and Exploitability.

  • Impact describes the effects of successful exploitation upon Coinbase systems or customers. We make this assessment primarily by examining the effects of exploitation on confidentiality, integrity, or availability of underlying systems. Vulnerabilities that require considerable response and remediation or could result in reputational damage are also considered to have greater impact.
  • Exploitability describes the difficulty of actively exploiting the vulnerability itself. We make this assessment primarily based on the prerequisites for exploitation, including level of access required, availability of information critical for successful exploitation, and likelihood of alignment of required factors outside the attacker’s direct control such as social engineering requirements or timing requirements.

Expanded Legal Assurance to Researchers

The program update also includes more specific guidance on our Program Policies. The biggest change we’ve made to our policies is expanding and articulating the legal safeguards we provide to security researchers participating in our bug bounty program.

Security research plays an important role in safeguarding the privacy and security of everyone who uses modern technology. As such, it is equally important for technology companies to play an active role in safeguarding the rights of individuals to tinker with, investigate, and probe technology systems.

We have updated our Program Policies to provide strong assurances to researchers that we support and explicitly endorse their efforts to make Coinbase more secure. We have included an explicit promise not to legally pursue any researcher for activities undertaken in good faith under our Bug Bounty Program policies.

We’d like to give a shoutout to Amit Elezari’s #legalbugbounty project and Dropbox for raising the bar for bug bounty programs. Crafting a good program is made significantly easier when other strong examples exist, pushing standards higher.

Best in Class Bounty Levels

As digital currencies surge in value and relevance, so does Coinbase’s appeal to attackers. Given that environment, it is important we stay best in class when it comes to our bounty payouts. We want to ensure we are appropriately incentivizing white hat security research and doing our part to provide a compelling return for a researcher’s time and effort.

Our bounty update simplifies bounty tiers and provides higher rewards for many common vulnerabilities. As mentioned above, Coinbase awards bounties based on the severity of a vulnerability, not the mechanism or vulnerability class. In addition to explaining our process for evaluating the severity of a vulnerability, we also believe that researchers deserve to have concrete expectations on the bounties for a particular severity level. For each tier, we’re giving examples of reports that would fall into the category.

Critical ($50,000 minimum bounty)

  • Remote Code Execution
  • Ability to arbitrarily manipulate account balances

High ($15,000 minimum bounty)

  • User Authentication bypasses
  • Privilege escalation allowing unauthorized access to sensitive data or funds

Medium ($2,000 minimum bounty)

  • CSRF impacting non-critical settings
  • User de-anonymization

Low ($200 minimum bounty)

  • Leakage of lower sensitivity information such as name or email address
  • Potential phishing vector that Coinbase has the ability to mitigate

We are actively hiring across the board and invite you to take a look at our open positions.


Updating the Coinbase Bug Bounty Program was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more on Coinbase
Posted on July 13, 2018
Coinbase is Exploring Cardano, Basic Attention Token, Stellar Lumens, Zcash, and 0x

We are exploring the addition of several new assets, and will be working with local banks and regulators to add them in as many jurisdictions as possible.

Today we are announcing that we’re exploring the addition of the following assets to Coinbase:

  • Cardano (ADA)
  • Basic Attention Token (BAT)
  • Stellar Lumens (XLM)
  • Zcash (ZEC)
  • 0x (ZRX)

We are making this announcement internally at Coinbase and to the public at the same time to remain transparent with our customers about support for future assets.

Unlike the ongoing process of adding Ethereum Classic, which is technically very similar to Ethereum, these assets will require additional exploratory work and we cannot guarantee they will be listed for trading. Furthermore, our listing process may result in some of these assets being listed solely for customers to buy and sell, without the ability to send or receive using a local wallet. We may also only enable certain ways to interact with these assets through our site, such as supporting only deposits and withdrawals from transparent Zcash addresses. Finally, some of these assets may be offered in other jurisdictions prior to being listed in the US.

As part of the exploratory process, customers may see public-facing APIs and other signs that we are conducting engineering work to support these assets. While we cannot commit to when or whether these assets will become available at this time, we will provide updates to our customers about the process and what they can expect via the Coinbase blog and Twitter.

Going forward, you should expect that we will make similar announcements about exploring the addition of multiple assets. Some of these assets may become available everywhere, while others may only be supported in specific jurisdictions.

Frequently Asked Questions

Q: Can you tell me more about these assets?
You can find information on the assets being explored at their respective websites:

Q: Why explore these assets at this time?
In evaluating these assets for exploration, we relied as much as possible on the criteria in our published Digital Asset Framework, but found that many of the criteria required communication with external parties to fully evaluate. Regardless, here’s what we found notable about each of these assets.

Cardano (ADA)
The Cardano protocol was created by Charles Hoskinson, one of the co-founders of Ethereum. Cardano’s Bitcoin-like Settlement Layer (CSL) mainnet is live and it has a functional wallet for its built-in ADA cryptocurrency. It has also taken a different technical direction from other blockchains on several axes, like its Ouroboros proof-of-stake algorithm, its use of Haskell, and its focus on formal verification. While Cardano’s Computation Layer (CCL) is not yet live, the project has published long-term roadmaps, has shipped working software, and appears to have a growing community.

Basic Attention Token (BAT)
The Basic Attention Token (BAT) is the internal token of the Brave browser. The initial purpose of the BAT is to allow advertisers to pay for user attention when they view ads via Brave, but it can potentially be used as a general digital currency for Brave user interactions with arbitrary websites. Brave announced that they have recently passed 3 million monthly users and are in the top 10 list in the Google Play store in more than 20 countries. More than 18,000 verified publishers are using Brave across 4,500 websites and 13,500 YouTube and Twitch streamer accounts. The CEO of Brave is Brendan Eich, the inventor of Javascript and co-founder of Mozilla and Firefox, and the company is funded by Founders Fund and Digital Currency Group, among others.

Stellar Lumens (XLM)
Stellar is an open-source protocol for value exchange developed by Stanford CS professor David Mazieres, Rust language author Graydon Hoare, and Jed McCaleb. Lumens (XLM) are the native asset of the Stellar network. Stellar’s consensus protocol is different from proof-of-work in that it allows and requires individual nodes to choose the set of other nodes they trust as a group (a “quorum slice”) to give them accurate information about the state of the Stellar network. Stellar allows for the creation of anchors that can issue assets, use bridge servers to interface with existing banks, and follow Stellar’s compliance protocol. Initially funded by Stripe, Stellar’s board members include Khosla Ventures partner Keith Rabois, Stripe cofounder Patrick Collison, Wordpress founder Matt Mullenweg, YCombinator President Sam Altman, MIT DCI head Joi Ito, and AngelList founder Naval Ravikant.

Zcash (ZEC)
Zcash is a cryptocurrency which uses recent advances in cryptography to allow users to protect the privacy of transactions at their discretion. The distinction between Zcash’s “transparent” and “shielded” transactions is analogous to the distinction between unencrypted HTTP and encrypted HTTPS. In both cases, the unencrypted/transparent version of the protocol allows third parties to see metadata associated with the communication or transaction, while the encrypted/shielded version protects this information. The Zcash protocol has been live since 2016 and the development team has published technical improvements that may reduce the memory consumption associated with transaction privacy by 98%.

0x (ZRX)
0x is an open protocol that allows ERC20 tokens to be traded on the Ethereum blockchain. ZRX is the native utility token of the 0x protocol, and several dozen independent projects have been built with the 0x technology, including relays and decentralized exchanges with tens of millions of dollars in collective transaction volume to date. The project has shipped a number of tools for developers, including Javascript, Solidity, and Web3 libraries, and has mostly adhered to the roadmap outlined in their whitepaper.

Q: What is the status on adding Ethereum Classic (ETC)?
We are underway with engineering work to add Ethereum Classic (ETC), and it is proceeding as planned. We are making this announcement so that we can begin the next phase of work to explore adding more assets to the platform.

Q: What is the status on adding ERC-20 assets?
We announced our general intention to support ERC20 assets in March. The BAT and ZRX assets are the first specific ERC20-based assets we are exploring for addition to the platform.

Q: How will you decide what countries to launch these assets in?
Regional support will depend on a case-by-case analysis that looks to legal, compliance, and other factors that are relevant to that jurisdiction. In some cases, you should expect certain assets to be available in other jurisdictions before coming to the US.

Q: Does this mean Coinbase has deemed these assets to not be securities under a particular country’s laws?
No. That legal analysis is ongoing and will vary by jurisdiction. As we only plan to launch assets which are compliant with local law, some assets may only be available in specific jurisdictions.

Q: Why is this just an exploration, rather than an announcement that Coinbase is adding these assets?
In an effort to be as open and transparent as possible, we’re announcing that our teams are exploring the feasibility of supporting these assets. This is consistent with our process for adding new assets. But unlike Ethereum Classic, which is technically very similar to Ethereum, these assets will require additional exploratory work that may result in one or more of them being listed only in specific jurisdictions, or not at all.

Q: Which Coinbase platforms will support these assets?
We have not made this determination at this time, but we hope to offer support for each asset across the widest variety of products in each jurisdiction.


Coinbase is Exploring Cardano, Basic Attention Token, Stellar Lumens, Zcash, and 0x was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more on Coinbase
Posted on July 10, 2018
Bar Raisers At Coinbase: If You’re Not A Hell Yes, You’re A No

Coinbase has come as far as it has because of the talented, passionate people we attract. I’ve written before about the importance of hiring the right people. In this post, I want to share how we’ve introduced a bar raiser program at Coinbase, to help us raise the bar with every hire.

Hiring the wrong people is a risk factor for companies of all sizes, but it’s especially significant for companies going through hyper-growth. A common failure mode of companies at our stage is to have the quality of hires slip as the pace of hiring increases. This may sound like an obvious mistake, but it’s the default state without a conscious effort to prevent it.

Here’s why:

  1. There is so much work to do as a company goes through hyper-growth that teams feel overwhelmed — the pressure to hire is enormous (we’re swamped!)
  2. You have people interviewing candidates who themselves are brand new to the company and haven’t had time to absorb the culture and hiring bar.

Most companies hire by focusing solely on skills, and hiring decisions are made unilaterally by a hiring manager. At Coinbase we’ve taken a different approach.

Candidates are screened for both skills and meeting our values (having a match on just one is not enough to be hired) and a qualified “bar raiser” with veto power is included on every hiring panel — the hiring manager does not have unilateral power to hire.

You can think of the bar raiser as an additional check and balance on the process. Our hiring process is designed to (occasionally) miss out on a good candidate rather than make a bad hire — we’d prefer a false negative to a false positive

And though we give bar raisers, who have been trained around our values, a special veto power, we ask every person who works at Coinbase to take responsibility for raising the bar.

How do you know you’re a hell yes?

When making a decision on a candidate, we coach hiring panel members to ask themselves questions like:

  • Did I leave the interview with more energy than when I went in? Did I leave inspired?
  • Did I learn something from this candidate?
  • Is this person much better than me in at least one area?
  • Could this person start adding value right away? Would they take work off my plate or create more work for me?
  • Does this person raise the average at Coinbase? Does them starting Monday make me want to work here more or less?

If the answer to any one of those questions is “no,” or even “maybe,” then we ask people on the hiring panel to round down to a no. In other words: for us, if you’re not a hell yes, you’re a no. And when you know that every person who made through your doors was hired with a “hell yes,” your company becomes a very exciting place to be.

This isn’t the only way to grow a company, but it’s how we’re growing at Coinbase. To learn more about a career at Coinbase apply for a position here.


Bar Raisers At Coinbase: If You’re Not A Hell Yes, You’re A No was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more on Coinbase
Posted on July 2, 2018
Coinbase Custody is Officially Open For Business

Last week, Coinbase Custody accepted its first deposit. Today, we’re proud to announce that we’re officially open for business. Over the coming weeks, we’ll continue on-boarding a set of world-class clients that includes leading crypto hedge funds, exchanges and ICO teams.

Coinbase Custody’s mission is to make digital currency investment accessible to every eligible financial institution and hedge fund in the world. We’ll achieve this by striving to become the most trusted and easiest-to-use crypto custody service available. Coinbase Custody is a combination of Coinbase’s battle-tested cold storage for crypto assets, an institutional-grade broker-dealer and its reporting services, and a comprehensive client coverage program.

Crypto asset security

Over the past six years, Coinbase has pioneered leading crypto storage techniques and is currently responsible for the custody of more than $20 billion in crypto assets. Coinbase Custody builds on this expertise to offer a brand new, independent solution for our institutional customers. This new cold storage system has undergone rigorous penetration testing and cryptographic design review, and we plan further, regular third-party examinations to ensure the platform’s ongoing security.

Coinbase Custody’s unique features include:

  • On-chain segregation of crypto assets
  • Split, offline private keys that require a quorum of geographically distributed agents to use cryptographic hardware to sign transactions
  • Multiple layers of security
  • Robust cold storage auditing and reporting

A custody offering through a regulated, institutional broker-dealer

Coinbase Custody leverages the expertise and systems of our partner Electronic Transaction Clearing (ETC). ETC is a SEC-registered broker-dealer and FINRA member subject to regulated financial reporting and independent audits.

What’s coming next

Coinbase Custody provides secure storage of crypto assets for institutions in both the US and Europe. Before the end of the year, we hope to bring this offering to Asia as well.

Additionally, over the coming months, pending regulatory notifications, we’ll be focused on building the features and services that our institutional clients want.

  1. Support for more crypto assets
    Coinbase Custody currently supports BTC, ETH, LTC and BCH. We plan to continue adding support for new assets and will offer regular updates.
  2. Flexible access to funds
    On top of Coinbase Custody’s cold storage, we will add secure, segregated hot wallets and scheduled withdrawals for maximum flexibility.
  3. Crypto-first features
    Longer-term, we’re already thinking about how to securely enable our clients to participate in the crypto ecosystem through proof of stake and distributed governance. We look forward to partnering with our clients to bring these features to market.

As crypto continues its maturation as an asset class and more institutions enter the space, Coinbase is committed to delivering products and services that are tailored to their unique needs. Coinbase Custody delivers the trusted storage service that our clients need to fully immerse themselves in the potential that crypto assets provide. We look forward to delivering more offerings over the coming months.

Get in touch

If you’re an institution looking to store or trade crypto assets, we’d like to hear from you. Please sign up here to receive more information.


Coinbase Custody is Officially Open For Business was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more on Coinbase
Posted on June 29, 2018
This Month in Crypto

This Month In Crypto: SCOTUS, Facebook, South Korea, and more

A curated selection of meaningful moments in June, for investors, institutions, policy-watchers — or just the crypto curious

Supreme Court acknowledges Bitcoin for the first time
In a dissenting opinion to WISCONSIN CENTRAL LTD. ET AL. v. UNITED STATES, Supreme Court Justice Stephen Breyer wrote: “Perhaps one day employees will be paid in Bitcoin or some other type of cryptocurrency. . .Nothing in the statute suggests the meaning of this provision should be trapped in a monetary time warp, forever limited to those forms of money commonly used in the 1930’s.”

Federal Reserve Bank of St. Louis adds historical crypto data
Drawing data from the Coinbase Index, FRED added four series on the prices of different cryptocurrencies: Bitcoin, Bitcoin Cash, Ethereum, and Litecoin. “The price data are updated daily and span from as early as 2014 to the present.”

SEC Corporate Finance Director says Ether is not a security
In public comments at the Yahoo Finance All Markets Summit, William Hinman, the director of the SEC’s division of corporate finance, said that, “putting aside the fundraising that accompanied the creation of Ether, based on my understanding of the present state of Ether, the Ethereum network and its decentralized structure, current offers and sales of Ether are not securities transactions.”

Stanford launches a blockchain research center in collaboration with Ethereum Foundation
Run by Dan Boneh and David Mazieres, the Stanford Center for Blockchain Research (CBR) aims to “support the thriving ecosystem by developing new technologies needed to advance the field.”

Federal employees are now mandated to identify crypto holdings
House Ethics Committee says employees who work in the executive branch who own crypto must now disclose it. (The disclosure rules are for those whose holdings exceeded $1,000 at the end of the reporting period, or if income produced during that time exceeded $200.)

Facebook lifts ban on crypto advertising
Reversing a previous ban on all crypto, Facebook updated its policy to allow ads for crypto and related content. Advertisers will need to be pre-approved and the company will continue to prohibit ads that “promote binary options and initial coin offerings.”

South Korean government takes steps to federally regulate crypto exchanges
In a move that signals increasing support for the blockchain ecosystem, the Korean Financial Intelligence Unit announced that it will be supplying the same level of oversight and customer verification procedures to crypto exchanges (enhanced Know Your Customer and Anti Money Laundering protections), as it currently has for other financial institutions. See this Cointelegraph story for deeper context on South Korea’s stance on crypto.


This Month in Crypto was originally published in The Coinbase Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.

Read more on Coinbase

See all news of Coinbase

Coinbase Comments:

Add your comment