Nic Neuman from Casa says that the biggest security problem that Bitcoin (BTC) has is its user experience (UX).
This past October 2020 marked the 12th anniversary of Satoshi Nakamoto’s Bitcoin whitepaper. During this relatively short period of time, Bitcoin has fundamentally transformed “the way we think about money, but it’s still a long way from mass adoption,” Neuman claims.
According to Neuman, who’s the Co-Founder and CEO at Casa, there’s “no question” that UX has “always been the biggest single obstacle to Bitcoin adoption.” However, “not in the way you might think,” Neuman reveals.
“UX is a slippery term: it means different things to different people in different contexts. With Bitcoin, for example, UX extends far beyond the intuitiveness of individual exchanges or wallets. Since we’re talking about people’s investment, security is a — the — crucial consideration in any discussion about UX.”
Neuman believes that Bitcoin suffers from a “usability” problem that can’t be fixed by creating a new user interface (UI). He explains that this isn’t really a technical error or mistake, but rather a human one. That’s because we’ve made the assumption that it’s “safer” to store coins or digital currencies with a centralized exchange platform instead of keeping (self) custody of our own assets. He argues that this can’t be “fixed” with a new UI. It requires “a revolution in the way we think about Bitcoin security,” Neuman claims.
When Bitcoin first came out, poor UX wasn’t really much of an issue, Neuman acknowledges. Back then, Bitcoin-related platforms were primarily used by traders and speculators who had the technical expertise or know-how to “navigate complexity.” However, when regular or ordinary people began experimenting or exploring Bitcoin-related platforms, several exchanges and trading platforms began focusing more on offering “consumer-grade” user experiences, Neuman reveals. He adds that this was “the moment where Bitcoin’s UX problems really began.”
“The world’s first highly-publicized hack, of Mt Gox in 2014, saw 24,000 people lose everything. But in the six years since, we’ve continued in the wrong direction on security. There’s not enough space to detail the number of exchanges that went bust, got hacked or, like OKEx in October 2020, lost access to customers’ keys after the single employee in charge of them was detained by law enforcement.”
During H1 2020, Ciphertrace found that investors had lost around $1.4 billion in crypto, most of it from centralized digital asset exchanges that experienced damaging hacks or even engaged in fraudulent activities against their clients, Neuman confirmed.
He pointed out that the industry has not really been focused on making it easier or more intuitive for people to hold their own keys. Instead, the crypto businesses have been trying to offer a consumer-friendly, “full service” experience where “they control every aspect – including key custody,” Neuman noted.
While this may be a good “starting point” for new users, since it stops them from making beginner-level security mistakes, it still leaves them “vulnerable” to various threats from “within and outside the exchange,” Neuman explained.
Despite these “well-publicized catastrophes,” our industry has not been establishing a standard solution to this “gaping, fundamental security flaw,” Neuman added. He claims that it’s because it “suits platforms to have their customers keep their coins on-exchange.”
He pointed out that some of the early Bitcoin UX efforts had focused on “superficial” issues and appeared to have dismissed the serious problem of assisting users with learning to get into the habit of owning their private keys (to their digital assets). These companies or service providers may have figured that “solid UX” for users to retain control of their keys was “an unwinnable battle and took personal key management education and design off the table,” Neuman added.
He further noted:
“The whole ethos of Bitcoin is built on the idea of empowerment: to be your own bank, to control your own savings, and to take charge of your own financial destiny. But in trying to make UX more seamless for non-technical customers, exchanges and custodial wallets have discouraged self-sovereignty and opened the door for third party risk.”
“Approachable end-user control of private keys is the holy grail of solving Bitcoin UX, and it’s one the industry has largely sidestepped. So while many new Bitcoin users face a steep learning curve, they are not learning that old security models don’t apply. If you lose your keys, for example, you can’t just hit ‘password reset’ – your coins are gone forever. This, in part, explains why exchanges are so keen to own the whole experience, including custody.”
Neuman argues that when we sacrifice security in favor of “ease-of-use,” we’re making a “false” choice. He notes that we shouldn’t underestimate the challenge (from a technical point of view and also when it comes to educating people about why self-custody is very important).
Casa analyzes and reports on the latest hardware wallet security vulnerabilities, and the larger or major changes in the Bitcoin, security, and “personal privacy” landscape. (Note: You may check out their blog post updates here.)