Automatic cloud backup
How it works #
The user’s key is encrypted and backed up on their respective device/cloud storage provider. If their device is lost, stolen, or broken, the user can log into their cloud storage account (such as Apple iCloud or Google Drive) to regain access to their funds. To learn more about the technical details, hop over to the private key management section on this topic.
Crypto rookies perceive themselves as “incapable of self-managing keys”.
As researched by Abramova et al
This method provides users with the feeling that they can rely on their cloud provider to regain access to their funds rather than putting the responsibility on themselves.
Below is an example of what the user interface might look like for an automatic cloud backup that significantly reduces friction during onboarding.
How to discuss/explain It #
One approach is to explicitly explain within onboarding carousels that a user’s recovery phrase is stored on the cloud; this means that if they lose or break their device, they can regain access to their funds by logging into their respective cloud account on a different device.
On a similar note, it’s crucial that you also explain that if someone else knows their cloud account information, they can gain access to their funds, too.
Do: Inform your Users
Before automatically backing up a recovery phrase via cloud backup, make sure the user knows what they are about to do. Once the backup is complete, provide a summary and some reassurances before moving on. This is a good place for loading interactions and animation because there will likely be a few seconds between when a user clicks to upload to the cloud provider and when it completes.
By not making users manually backup, you decrease the risk of self-inflicted loss of funds. Automatic cloud backups put less pressure and responsibility on the user.
While this is an easier way for users to set up a wallet, it brings in the potential threat of malicious third-party access. If a user’s cloud account is hacked or they forget their cloud login information, their funds could be compromised.
By bringing cloud storage providers into the equation, we assume that users trust their providers. This also raises the question of decentralization: a guiding principle of the Bitcoin space and could be considered in conflict with the popular saying, “not your keys, not your coins”.
Don’t: Use for High Value Amounts
Automatic cloud backups should not be considered for products with users that are storing high-value amounts. This is because there are potentially more security threat vectors.
To grant users some ownership of their keys, you can create an optional manual backup within settings. A great way to do this is by framing it as an extra layer of security or a good alternative in the case that the user loses access to their cloud account/if they feel uncomfortable trusting their provider.
In the next section we will show different methods for manual backups.