Why security matters
Digital asset owners increasingly become victims of targeted hacks, thefts, and frauds, which can lead to a complete loss in some cases. This newly emerging cyber threat can affect anyone, from the smallest digital asset owner to the largest digital asset fortunes. Chainalysis, a blockchain analytics company, has reported that around USD 1.9 billion in crypto has been stolen by cybercriminals in the first half of 2022. Therefore, as a digital asset owner, it is crucial to not only think about the investment perspective of this alternative asset, but also to consider the security side.
What are digital assets?
Digital assets, such as crypto coins, are based on blockchains. Blockchains are, by design, decentralised. This offers the advantage that digital asset owners can transfer funds without having to involve a third party (such as banks or governments). It also creates one of the biggest challenges for digital asset owners, as without a trusted central party there is a lack of accountability and reliability. Storing digital assets might be confusing at first as digital assets are intangible. The access to a digital asset is stored in so-called crypto wallets, whereas the digital asset itself is stored on the blockchain.
What is digital asset storage?
When setting up a new crypto wallet, a so-called seed phrase (also called recovery phrase), which is a 12-, 18- or 24-word pattern, is randomly generated. The seed phrase acts as the master key to a crypto wallet and can be used to restore the crypto wallet. A private key, comparable to a password, is then derived from the seed phrase. The private key is needed to get access to the digital assets and thus stands for the ownership of the funds. If the private key and recovery phrase are lost or stolen, one can no longer access the digital assets and consequently cannot transfer, spend, or withdraw them.
Furthermore, a public key is derived from the private key. This public key – comparable to an IBAN number in traditional banking – allows the user to receive crypto coins into their crypto wallets.
In the traditional banking system, people can choose whether to safeguard money, gold, etc., by themselves (self-custody) or give their assets to a trusted party (bank) for safekeeping. This is similar in the digital asset system. The user can decide between different custody types and crypto wallets, which can either be controlled by a trusted third party (third-party custody) or just by the owner (self-custody).
Third-party custody
With a third-party custody solution, the private key is stored with a central party, such as a bank or a crypto exchange. Like a bank account, if the user loses the access to the digital assets, the third-party custody provider still has the information and can access the funds in emergency situations.
Third-party custody solutions are only useful and meaningful when the service provider is a trusted party, duly regulated, and highly experienced in digital assets. Unregulated crypto exchanges, storage providers, and financial intermediaries holding the private key for the user can pose a high risk. The current lack of global regulation within the crypto sector has led to the emergence of many unregulated businesses. To mitigate risk, users should always analyse where the respective custody service is located and if the necessary financial licenses have been obtained.
Tackling the risks of self-custody
In general, the highest risk of self-custody is losing access to the digital assets. For physical inscription and hardware crypto wallets, there are several precautions to take. One is to divide the seed phrase into different segments. These segments are then stored in different locations. In this set-up, if one location is compromised, the seed phrase can still be reconstructed. For software crypto wallets, the owner should not save the password or seed phrase on any device with internet access.
Why is third-party custody with a trusted and regulated provider the best solution?
Trusted third-party custodians, such as financial institutions, have been safeguarding money, gold, and securities for centuries and now offer the same for digital assets. While the digital assets are still stored on the blockchain, third-party custodians safekeep the users’ private keys.
In summary
With the growing amount of storage solutions for digital assets, owners are faced with the complex subject of digital assets in general and proper safekeeping in particular. While self-custody crypto wallets offer a few advantages, they still entail a high level of risk. This immense risk can be mitigated by having a trusted third-party provider that stores digital assets safely and helps the owner navigate in a fast-developing space.
In addition, storing digital assets with a trusted third party gives the owner the great advantage of being able to rely on the provider’s extensive professional know-how on digital asset safekeeping and management.
Yet, recent events have demonstrated that third-party custodians, such as crypto exchanges, are not always the safest option. Crypto financial service providers are often not regulated according to a specific country’s regulatory framework as their headquarters often remain undisclosed. This poses a high risk in case of liquidity issues and bankruptcy. A regulated financial service provider such as a bank that has a long-standing reputation as safekeeper of assets and is regulated to stringent regulatory requirements is the ideal partner for safeguarding digital assets.