This is a complete guide to purchasing and storing cryptocurrency for the traditional investor (those with a history of investing in stocks, bonds, mutual funds etc.).

This guide assumes the reader already has done some research on what cryptocurrency is (click here to read our Introduction to Crypto), and is now taking steps to invest.

Quick overview (what you’ll do)

1. Decide goals & risk tolerance.

2. Pick a regulated exchange or broker.

3. Open the account, pass KYC, enable security.

4. Fund the account (bank transfer, card, wire).

5. Choose coins & order type; buy a small test amount.

6. Decide custody: keep on exchange (custodial) vs self-custody.

7. If self-custody, install a hot wallet and acquire a hardware (cold) wallet.

8. Transfer, verify, back up seed phrase securely.

9. Tax & recordkeeping.

10. Ongoing maintenance & security.

Now the detailed step-by-step.

1) Before you start: decide goals, amounts, and risk

• Ask yourself: am I buying a long-term store of value (e.g., Bitcoin), exposure to smart-contract platforms (e.g., Ethereum), or short-term trading? That affects custody, tax, and security choices.

• Only invest what you can afford to lose; crypto is volatile. Determine position sizing rules (e.g., 1–5% of investable assets for beginners).

• Decide time horizon: day-trading needs different tools than “buy and hold.” (No citation needed; this is standard investing practice.)

2) Pick an exchange or broker (criteria + recommended types)

What to compare:

• Regulation & jurisdiction (U.S. exchanges for U.S. residents reduce some counterparty/regulatory risk).

• Security history & transparency (proof-of-reserves, public audits are pluses).

• Fees (maker/taker, deposit/withdrawal, stablecoin conversion).

• Supported coins (stick to mainstream: BTC, ETH, USDC, USDT, and other large-cap tokens).

• Ease of use / mobile app / fiat on-ramps.

• Customer support & liquidity.

Reputable mainstream options frequently recommended for beginners:

• Coinbase

• Binance

• Kraken

• Gemini

• Crypto.com

• other regulated platforms

Reviews from consumer finance outlets rank Coinbase and Kraken highly for beginners and overall safety/features.

Practical tip: avoid unregulated exchanges or ones with poor customer support, especially as a beginner.

3) Open the account & complete KYC

Steps:

1. Create account with a unique, strong password.

2. Complete identity verification (photo ID, selfie). KYC is standard and required on regulated exchanges. Expect to provide name, address and SSN (US).

3. Add bank link or card for funding; some exchanges allow ACH (low fee, slower) or debit/credit (faster, higher fee). Fees and limits vary by provider.

Security setup (do this immediately):

• Do NOT use SMS for 2FA if you can avoid it. Use an authenticator app (Google Authenticator, Authy) or preferably a hardware 2FA key (YubiKey).

• Enable withdrawal whitelists if the exchange supports them (locks withdrawals to preapproved addresses).

• Set up strong account-wide email protections (unique password, secure email provider).

4) Fund your account (methods and fees)

Common funding methods:

• ACH / bank transfer — low fees, takes a few days.

• Wire transfer — faster for large amounts, may have fees.

• Debit/credit card — instant but higher fees and potential cash-advance treatment by card issuer.

• Stablecoin deposit — if you already hold crypto elsewhere, you can deposit USDC/USDT.

Estimate total cost by adding trading fee + deposit fee + spread/slippage. For small beginner buys, a market order on a simple app is fine, but for larger buys, consider limit orders to avoid slippage.

5) Choosing what to buy (stick to “mainstream”)

For beginners, focus on:

• Bitcoin (BTC) — largest, often considered digital gold.

• Ethereum (ETH) — largest smart-contract platform.

• Reputable stablecoins (USDC, USDT) — for cash-like stability and quick trading; USDC is often preferred for regulatory transparency.

• Large-cap tokens (e.g., SOL, LINK, ADA) only after research.

Keep allocation simple (e.g., 60% BTC, 30% ETH, 10% stablecoins — adjust to your taste). Research token purpose, market cap, liquidity, and security.

6) Place your order (market vs limit) + test

• Market order — immediate execution at prevailing price; OK for small purchases but can suffer slippage.

• Limit order — set a price; execution not guaranteed, but you avoid bad fills.

• Dollar-cost averaging (DCA) — buy a fixed dollar amount at regular intervals to smooth volatility.

Always make a small test buy and (next step) a small withdrawal test before moving large sums.

Congratulations! You’ve now made your first investment in cryptocurrency.

Steps 7-7.3 are optional.

7) OPTIONAL: Decide custody: custodial vs self-custody

• Custodial (leave on exchange) — easier; exchange holds keys. Convenient for trading and staking products, but you’re trusting the exchange. Good for small amounts or active traders.

• Self-custody (you hold private keys) — higher responsibility, lower counterparty risk. Recommended for long-term holdings you can secure properly.

If you care about ultimate control and security for long-term holdings, self-custody is recommended.

7.1) Self-custody basics — hot wallet first, hardware wallet next

Hot wallets (software/mobile) — Coinbase Wallet, MetaMask, Exodus, Trust Wallet, mobile exchange wallets:

• Use a hot wallet for daily use and DeFi interactions. Don’t store large amounts here.

Hardware (cold) wallets — the standard for safe self-custody:

• Popular hardware wallets include Ledger and Trezor (each has tradeoffs: Ledger uses a Secure Element and broad coin support; Trezor is open-source oriented). Compare features and buy only from official stores.

Suggested path:

1. Install a trusted hot wallet (e.g., MetaMask for Ethereum-based tokens) and practice receiving/sending tiny test amounts.

2. Purchase a hardware wallet new from the manufacturer or verified reseller (do not buy used or from marketplace where it could be tampered). Ledger and Trezor are commonly recommended.

3. Initialize hardware wallet offline using the device’s instructions. Record the recovery seed carefully (see below).

7.2) Seed phrase & backup (do this right)

• When you initialize a wallet you’ll get a recovery phrase (typically 12–24 words). This is the key to your funds. If someone gets it, they get your crypto. If you lose it, you lose access.

• NEVER store the seed phrase digitally (no photos, no Google Drive, no password managers that sync online).

• Best practices: write it on paper and engrave onto a metal backup plate (resistant to fire/water). Store copies in separate secure physical locations (safe, safety deposit box). Use metal backup products if available. Security guides emphasize keeping seed phrases offline.

• Consider splitting the seed phrase with a Shamir backup scheme (some wallets support it) or multisig for enterprise/large holdings.

Practical: after setting up the wallet, do a test transaction from your exchange to the hardware wallet with a small amount, then check the device and wallet show the funds.

7.3) Transfer from exchange to hardware wallet (the transfer steps)

1. On hardware wallet, open the receiving address for the network (e.g., Bitcoin address for BTC, or Ethereum address for ETH/ERC-20).

2. From exchange, choose ‘Withdraw’ or ‘Send’, paste the address (don’t type it), double-check first 4 and last 4 characters match.

3. Send a small test amount (e.g., $10–$50) first. Confirm it arrives.

4. Send the remaining balance. Consider sending in two batches if very large.

5. Once received, verify on a block explorer (tx hash) that funds are at your address.

Never reuse addresses for certain privacy reasons if you desire privacy; for most beginners one address per asset is fine.

8) Security hygiene & common threats

• Phishing is the #1 risk: bookmark official sites, don’t click links in unsolicited messages, verify URLs.

• Use app-based 2FA or hardware keys — avoid SMS 2FA where possible.

• Keep firmware and software wallets up to date (hardware wallet firmware updates occasionally patch vulnerabilities).

• Lock your phone and avoid storing large balances on mobile wallets.

• SIM swap protection: contact your carrier to add a PIN or port-out protection.

• Beware “giveaway” scams or anyone who asks you to sign a message — signing arbitrary messages can grant approval to drain funds. Security guides across 2024–25 emphasize these points.

9) Taxes & record-keeping (must do)

• In the U.S., the IRS treats crypto as property: you must report sales, trades, payments, staking rewards, and income. Keep records of buys, sells, and transfers (dates, USD values, fees). The IRS guidance explicitly requires reporting digital asset transactions.

• Newer broker reporting rules mean exchanges will report many transactions to the IRS (rules finalized and being phased in). Expect more third-party reporting over time—keep robust records.

• Tools exist (CoinTracker, Koinly, CoinLedger) that import exchange & wallet transactions, compute gains/losses, and help generate tax reports. Consider using one if you do > a few trades.

10) Ongoing maintenance — what to monitor

• Keep software/firmware updated.

• Recheck device vendor sites for security notices.

• Periodically test your backups (but do not expose your seed phrase unnecessarily).

• Monitor your exchange for regulatory or service changes. If large policy shifts occur, consider moving holdings accordingly.

• Beware yield/staking offers that sound too good — analyze counterparty risk.

11) Practical checklist for your first purchase

1. Create exchange account (Coinbase/Kraken/Gemini) and complete KYC.

2. Enable authenticator-app 2FA; set strong, unique password.

3. Link bank (ACH) for funding.

4. Buy a small test amount of BTC or ETH with a market order or small limit order.

5. Purchase a hardware wallet from the manufacturer (Ledger/Trezor).

6. Initialize hardware wallet offline; write and metal-backup seed phrase.

7. Send small test withdrawal from exchange to hardware wallet; verify on block explorer.

8. Transfer remainder; confirm.

9. Log transaction records to your tax tool.

12) Common beginner mistakes to avoid

• Leaving large balances long-term on an exchange without understanding custody risks.

• Taking screen photos of seed phrases or storing them in cloud backups.

• Clicking unsolicited links or copying wallet addresses from unverified sources.

• Ignoring tax reporting obligations.

Final notes (practical, plain)

• Start tiny, practice the entire flow (buy → withdraw → verify → report) before scaling up.

• For most beginners: buy BTC/ETH on a regulated exchange, move long-term holdings to a hardware wallet, keep a small hot wallet for spending, and keep careful records for taxes.