Buying A Ledger From a Third Party
|— Ledger Nanos are available for purchase from many trusted retailers globally, but you might be wondering “how do I know it will be safe if I don’t buy directly from Ledger?”|
— Your Ledger device will take care of some of your most valuable assets, so having absolute trust in that device is crucial.
— As with any piece of hardware, devices can be tampered with, and you’re right to give close scrutiny to your brand new Nano.
— Why accept anyone else’s word for it? Here, we walk you through Ledger’s Genuine Check – the process that enables you to verify the authenticity of your device for yourself, and secure your precious private keys with peace of mind.
When you buy a hardware wallet to store your private keys, you’re putting your faith in that device to protect some of your most precious and valuable assets – so being able to trust the device is imperative. So how can you be sure that you can trust your hardware wallet? Particularly when it comes from a third-party vendor?
This sort of critical thinking is not silly or overbearing: it is exactly the approach you should be taking, as a person acting as their own bank and taking responsibility for their own security.
In this article, we will walk you through the process of checking the authenticity of your Ledger device, empowering you to check that it’s genuine no matter where you bought it.
Quick Refresh: Why use a Ledger Hardware Wallet anyway?
Owning crypto means controlling the private keys for your blockchain addresses – if anyone else can access those keys, consider your assets gone. So how you secure them will define the security of your valuable crypto assets.
We’ve said it before and we’ll say it again: Ledger Hardware Wallets are the most secure option for protecting your crypto. Why? Because the biggest threats to your crypto exist online. Using a hot wallet to secure your private keys can’t protect you against online threats, because they exist on a connected device. That means clever hackers can target your wallet (and private keys) via your internet connection. Not so secure after all, right?
So the only way of truly securing your private keys is by ensuring they are never online, and this is exactly what the Ledger hardware wallet does. The keys (and seed phrase) are generated offline from the beginning, within the device; they are secured within the device at all times; and even when you’re transacting with an online platform, the transaction is signed within your Ledger Nano, and not online. All of this means that your keys are never, ever online – and they are completely out of reach of hackers.
Trusting Your Hardware Wallet is Essential
So to recap, Ledger’s hardware wallets are security devices that you trust with your most precious data – your private keys.
With that in mind, there are three things you need to know to be sure your device is safe: that the device itself is genuine, that it has not been tampered with, and that the Ledger Live interface you’re interacting with is genuine.
Here’s how to verify all three of these things for yourself, even when you’re buying from a third-party vendor, so you can secure your crypto in peace.
Buying a Ledger Hardware Wallet from a Third Party
Let’s start from the top. A common concern is that a Ledger Nano cannot be bought securely from a third-party vendor. In reality, you have a few different options if buying directly from Ledger isn’t possible.
The Ledger Nano is stocked on Amazon and Best Buy and there is even a list of official resellers on the Ledger website. That being said, if you want to buy a Ledger wallet from a third party, there are a few things you need to keep in mind.
Our reseller list is there for a reason! Only authorized sellers can guarantee that you’re getting a genuine Ledger product, because we oversee the supply ourselves and can vouch for the product being genuine. So this is a great starting point for ensuring the safety of your product.
Another thing to bear in mind is logistics: whatever seller you decide to use, make sure that they ship to your country. Now that’s out of the way, let’s get down to the details.
How to Check your Ledger Device
So you’ve checked our re-seller list and purchased your shiny new Ledger, and now you have it in your hands. What’s next?
Ledger’s built-in “genuine check” puts the power in your hands from the first moment, by allowing you to personally verify your device. So let’s look at the various reference points you can use to do that.
Step 1 – has your device been tampered with?
The moment your device arrives, you can do a few basic visual checks to establish that nothing is out of place. These include:
- Checking the condition of the box, ensuring it is undamaged and unopened
- Checking the box contents are neatly in place
- Checking the condition of the Recovery sheet – it should be empty
- Assessing the initial state of the Ledger device.
From there, it’s time to move on to the more technical side of things.
Has your wallet been pre-seeded?
When you set up your Ledger device, part of the process is generating a 24-word recovery phrase. Your recovery phrase is critically important to the security of your crypto. If someone else were to know it, they would be able to steal all your crypto assets secured by your Ledger device. So how can you be sure only you know the phrase?
Because you – only you – are in charge of generating the phrase in the first place, and writing it down on the recovery phase sheet that comes with your device. This sheet is one part of your security check: if it has already been filled in with words, this means your device has been tampered with and is absolutely not safe to use. This is known as “pre-seeding”, a scam that takes advantage of your lack of experience with hardware wallets. Pre-seeding is when someone else enters the seed phrase for their own wallet onto your recovery phrase sheet, in the hopes that you’ll enter it into your device. Doing this gives that person complete control of whatever you store on your device from that point.
Bottom line? The only words you should ever trust are the ones that appear on the device’s trusted screen when you set it up. This way, only you and your sheet of paper will ever know them.
Congratulations – if you’ve made it this far, you’ve partially verified your new device.
Step 2 – Are you using the genuine Ledger Live application?
When you buy a Nano, you’re not just buying a device. It’s a whole package, with both the device itself and the Ledger Live app where you can manage and visualise your funds, as well as access the wider crypto ecosystem via our native apps.
It’s important to start by ensuring you’re using the correct address for the Ledger Live app: this can be found inside the box of your Ledger device, but for reference, here’s the link
This will enable you to install the latest version of Ledger Live, and know for sure that it’s the real deal.
Why is this important? A couple of reasons. First, crypto scams frequently use fake user interfaces to trick you into sending your crypto to the wrong place, so the apps you’re interacting with on your computer are a potential vector for a hack. The genuine Ledger interface will never ask you to enter your recovery phrase, be mindful of this as you set up – and at all times!
Ensuring you’re using the genuine Ledger interface is also essential because the app works in unison with your device, and plays a part in the next step of your check.
Step 3 – Is your device authentic?
Once you’ve downloaded the Ledger App, you’re ready for the next part of the process – authenticating your device.
Only genuine Ledger Nano devices will be able to communicate with the Ledger Live Interface, and now you have installed the application, you can test this for yourself. If your device and the app communicate, you can be sure the device is genuine.
So in summary, you can ensure the authenticity of your device by
– using visual checks
– understanding how your recovery phrase is generated
– downloading the correct Ledger Live application
– checking your Ledger Live app communicates with your device
Doing so provides an independent means of checking the safety of your Ledger Nano, using your own eyes and your own knowledge, in conjunction with our ecosystem.
Financial Freedom, Peace of Mind
Ledger’s hardware wallets are the safest way you can possibly secure your private keys. While we can explain in detail how all of our components work, only you have the power to check the device itself.
Now you know what to look for, your wallet can serve its purpose – to give you complete peace of mind as you interact with the expanding world of blockchain. That is what we call freedom.
Knowledge is Power.
At the heart of it, Ledger is here to protect your crypto – here’s a rundown of a few of the key threats you face, and how we keep you safe. Thanks, School of Block!