For my first Hardware Wallet review I would like to offer up the Ledger Unplugged. It is a Java Card applet running on a device the size of a credit/debit card produced by Fidesmo. It uses NFC to communicate with your mobile phone or other contactless reader. It currently works with Mycelium and GreenBits Wallets, but Copay support is coming soon. It is generally meant for mobile use. For desktops, I would recommend the Ledger Nano or the Ledger HW.1.
Using a hardware wallet introduces multisig into your security repertoire. This means that, in order to spend your Bitcoin, you would need to set up the transaction using your regular Bitcoin wallet and then use your Ledger Unplugged to approve the transaction. This means that a potential thief would need to steal the device on which you have your Bitcoin wallet, your Ledger Unplugged, and the security card that comes with it. Without all three of these things your Bitcoins will stay put.
Inside the box there is a paper envelope containing an instruction sheet, a recovery sheet, and a security card containing a substitution cipher key. Be sure to store these things in a safe place. If possible I would store them in separate places. With these things a potential thief can restore your Ledger wallet to another Ledger device and sweep your Bitcoin to their own wallet. Also in the box is the Ledger Unplugged.
Before going any further, you’re going to need a piece of software. You will need to download the Ledger Wallet Android or iOS app. I recommend against doing this on a rooted or jailbroken phone. You need to trust the device on which you run this process. This app will allow you to initiate the Ledger Unplugged, set the backup, and then sync it to your wallet of choice, if supported. The directions for this are quite easy to follow.
Once you have it set up and the wallet imported into your wallet software of choice, using it is as simple as using your wallet software. You send Bitcoin to the Ledger wallet to store it. To spend out of your Ledger wallet you set up the payment using your wallet software, but there are a couple added steps to approve the transaction. This includes touching your Ledger Unplugged to your phone, putting in your PIN, putting in the code using the security card, and approving the transaction. These couple extra steps are a small price to pay for the much added security.
One issue I have with this setup is that you’re not supposed to keep your Ledger and its security card together. This makes it hard to use the Ledger Unplugged while mobile. In order to use it you have to have both on you. As a security compromise I put the substitution cipher on the card into the password wallet on my phone. This way I have it with me, but it’s still protected. The actual plastic card is locked away.
To me, this is a great balance between long term cold storage where I put the bulk of my savings and a regular mobile wallet where I carry my pocket money. I store mid range amounts of money in my Ledger Unplugged and transfer Bitcoin if I need to top up my pocket money.
Another neat feature of this card is that you can use it with any of the Fidesmo enabled apps. You could then use your Ledger Unplugged for PGP and 2 factor authentication. There are several other things available, but not for the US. Still, more is possible in the future. It’s a neat idea that I would love to see built upon. And the fact that it’s open source means that’s very possible.
I highly recommend the Ledger Unplugged for inexpensive additional security for a mobile wallet. It fills this niche very well. To purchase this device look to the links below: