How to buy Bitcoin — and more importantly, how to secure it

Platforms, wallets, seed phrase: the practical guide to buying Bitcoin without getting scammed and keeping it safe.

This is the most hands-on episode of the series. Buying is easy. Securing is what separates those who keep their bitcoins from those who lose them.

Step 1 — Choose a buying platform (CEX)

A centralized exchange (CEX) is a company that lets you buy, sell, and store crypto. The equivalent of a stockbroker.

How to choose well:

  1. Regulation — Prefer a platform registered with the relevant regulator (PSAN in France, BitLicense in NY, FCA-registered in the UK, etc.). It’s a minimum sign of seriousness.
  2. Security — Independent audits, mandatory 2FA, majority of funds in cold storage.
  3. Fees — Compare buy/sell fees, withdrawal fees, and spreads.
  4. Simplicity vs flexibility — For a beginner, a simple app (Bitstack, Coinhouse, Strike) beats an advanced one (Kraken, Binance) where costly mistakes are easy.

💡 Some popular options: Bitstack (Bitcoin DCA, France), Coinhouse (France), Kraken (US/global), Strike (US). See our affiliation page — some links are affiliate links and marked as such.

Step 2 — KYC, or why they want your ID

Every regulated platform will require identity verification (KYC — Know Your Customer). It’s mandatory under anti-money-laundering rules. You’ll need:

  • Government-issued ID
  • Recent proof of address
  • Sometimes a selfie

It’s an unavoidable step. If a platform doesn’t ask, be suspicious.

Step 3 — Buy

First time? Start small. Most platforms allow purchases from $10–20. Make a first transaction to learn the flow before putting in serious money.

Two common strategies:

  • Lump sum — Convenient but exposes you to bad timing.
  • DCA — Dollar Cost Averaging — Regular automated buys (e.g. $50/week) to smooth the entry price. Less stressful, generally better over the long run.

Step 4 — The trap: “not your keys, not your coins”

Here’s the critical point.

When you buy on a platform and leave your bitcoins there, you don’t own them — the platform does. You hold a claim on the platform. As long as it’s solvent and honest, that’s effectively the same. When it goes bust or gets hacked, it’s not the same at all.

Historical examples:

  • Mt. Gox (2014) — Bankruptcy, 850,000 BTC lost.
  • QuadrigaCX (2019) — CEO died with the keys, massive losses.
  • FTX (2022) — Fraudulent bankruptcy, billions of customer funds frozen or lost.

Hence the saying: “Not your keys, not your coins.” If you don’t control the private key, they’re not really your bitcoins.

Practical consequence: for small amounts or active trading, leaving them on the platform may be acceptable. For long-term holdings, you should withdraw to a wallet you control.

Step 5 — Personal wallets

A wallet is a piece of software that manages your private keys. Multiple types exist:

| Type | Example | Security | Convenience |
|---|---|---|---|
| Mobile wallet (hot) | BlueWallet, Muun | Medium | Excellent |
| Desktop wallet (hot) | Sparrow, Electrum | Medium | Good |
| Hardware wallet (cold) | Ledger, Trezor, Coldcard | High | Medium |

Hot wallet = connected to the internet. Convenient but exposed. Fine for small amounts.

Cold wallet = keys stored on a dedicated offline device. More friction but vastly safer for any meaningful holding.

Simple rule: above $1,000, consider a hardware wallet. Above $5,000, non-negotiable.

💡 Our hardware wallet comparison: coming soon. Ledger is the well-known French leader (we have an affiliation with them, disclosed on the affiliation page).

Step 6 — The seed phrase: the most precious thing to protect

When you initialize a wallet, it generates a recovery phrase of 12 or 24 English words (the seed phrase or mnemonic). Example:

witch collapse practice feed shame open despair creek road again ice least

This phrase reconstructs all your private keys. With it, you can restore your wallet on any device. Without it, if your device dies, your bitcoins are gone forever.

Golden rules:

  1. Write it down on paper at setup. Ideally on stainless steel for fire/water resistance.
  2. Never photograph it. Not on your phone, not in the cloud, not in an email.
  3. Never type it on a computer (except for actual recovery).
  4. Store at least one copy in a different location (safe, second residence).
  5. Never share with ANYONE. No legitimate service will ever ask. Never.

Common scams to recognize

To wrap up, here’s what you’ll encounter sooner or later:

  • “Click here to validate your wallet” → Phishing. No serious wallet sends those.
  • Fake tech support on Telegram/Discord → Someone reaches out kindly, offers help, asks for your seed. Block.
  • SIM swap → An attacker takes over your phone number and bypasses SMS 2FA. Use a TOTP app (Google Authenticator, Aegis) or a hardware security key instead.
  • Fake ETFs, fake tokens → On decentralized platforms, anyone can create a token named “Bitcoin.” Real Bitcoin only exists on the Bitcoin blockchain — not on Ethereum, Solana, etc.
  • “Bitcoin doubling” → Elon Musk will not send you 2 BTC if you send him 1. Ever.

Recap

  1. Pick a regulated platform.
  2. Complete KYC.
  3. Start with a small buy.
  4. Withdraw to a personal wallet once amounts justify the effort.
  5. Hardware wallet above a meaningful threshold.
  6. Secure the seed phrase like the most precious object you own.
  7. Learn to spot scams.

Next → Risks, myths, and possible futures

This article is not investment advice. Affiliate links mentioned are disclosed on the affiliation page and pay us a commission at no extra cost to you.

Series · Understanding Bitcoin in 5 articles · 4/5