Cobo: Cryptocurrency must win user trust through "institutional-grade security + consumer-grade experience"
TechFlow Selected TechFlow Selected
Cobo: Cryptocurrency must win user trust through "institutional-grade security + consumer-grade experience"
With the number of crypto users surpassing 650 million and the market rapidly evolving, security is no longer just about defense—it's at the core of user experience.
Navigating Web3 tides with focused insightsAuthor: Lily Z. King
The Point Zero Forum 2025 was successfully held in Zurich, Switzerland from May 5–7, hosted by GFTN, a non-profit organization established by the Swiss State Secretariat for International Finance (SIF) and the Monetary Authority of Singapore (MAS). The forum brought together over 2,000 central bank governors, regulators, industry leaders, and technology experts from around the globe, dedicated to advancing sustainability, inclusivity, innovation, and efficiency in the global financial ecosystem.
Lily Z. King, COO of Cobo, was invited to attend The Point Zero Forum 2025 and participated in a panel discussion as a speaker, sharing our frontline observations on evolving expectations of crypto users and their implications for the future of crypto security. We also hope to bring these insights to every Cobo user and reader.
Crypto users are changing, and so are their expectations
Over the past eight years, Cobo has had the privilege of standing at the forefront of the crypto industry’s development, witnessing dramatic shifts in user demands, technical architectures, and application scenarios. From users to infrastructure, from custody models to security strategies, the entire industry is undergoing a deep transformation.
After the FTX incident, users have become more professional and vigilant.
On the institutional side, the starting point is “control first.” Users focus on whether there is a verifiable security framework—such as SOC 2 and ISO 27001 audit certifications, continuous KYT/AML monitoring, fine-grained approval mechanisms, and capabilities for cold wallet or off-chain custody. Their concerns center on meeting compliance requirements, protecting asset security, and being able to submit audit reports when necessary.
On the retail side, users prioritize “simplicity first.” They want the same ease of use as modern financial apps: tap, confirm, done—and the ability to easily recover assets even after switching devices. But their understanding of security has also evolved: today, a clean interface no longer equals a trustworthy platform. Users now pay attention to proof of reserves, fund availability, and immediate access to assets.
Regardless of type, all users now demand: verifiable security + real-time asset control.
From single-chain to multi-chain: infrastructure diverges and converges
From Bitcoin and Ethereum to today’s world of layered, multi-chain coexistence—including bridges, rollups, and modular blockchains—this fragmentation requires an underlying architecture that unifies across ecosystems.
To manage this complexity, leading platforms are shifting toward modular custody architectures:
-
MPC (Multi-Party Computation) to decentralize private key control
-
Layered hot/warm/cold wallet structures to balance liquidity and security
-
Smart contract wallets to configure on-chain governance and operational rules
Only solutions with institutional-grade security, integrated architecture, and verifiable standards can support mass-market Web3 user experiences.
Application layer evolution: beyond exchanges, new use cases emerge
Eight years ago, 90% of our clients were exchanges. Today, that figure has dropped to 50–60%. New users include DeFi protocols, NFT platforms, DAOs, GameFi and SocialFi projects, as well as payment companies, trading enterprises, and stablecoin issuers.
Each scenario brings different security challenges and compliance needs: CeFi emphasizes compliance and fund safety; DeFi focuses more on smart contract risks and user experience; Web3 enterprises face challenges in cross-chain interoperability and blurred compliance boundaries.
Wallets are no longer just vaults—they’re the main gateway to Web3
Unlike traditional finance where “bank accounts are the end point,” in Web3, wallets are the core user interface—the passport to the on-chain world.
Yet they’ve also become a key bottleneck for user experience:
-
Users must manage their own private keys
-
They face complex interfaces
-
They bear on-chain risks that traditional finance has long shielded them from
This creates a barrier for individual users and a resource burden for startups and exchanges. Therefore, we need infrastructure builders to help platforms “do what they do best” without worrying about security and compliance.
Security vs. simplicity: the dynamic balance between custody and self-control
The ideal security design hides complexity, makes protection “invisible,” and gives users choice when needed. For example:
-
Default risk controls like transaction limits, withdrawal delays, and whitelist functions
-
Guided educational prompts that help users understand risks without overwhelming them
-
Gradual unlocking of permissions, rather than exposing users to risk from day one
The essence of custody is not handing over the keys, but transferring trust and choice.
Promoting security: design beats persuasion
Security features like 2FA, withdrawal delays, and transaction limits are often ignored—until an attack happens. Data shows only one-third of users enable 2FA across all platforms.
The effective way forward isn’t persuasion, but default design:
-
Enable security features by default and embed them into workflows
-
Provide concise explanations when needed to improve understanding
-
Use AI to reduce user burden—e.g., automatically detecting malicious contracts, real-time phishing alerts
A message to regulators: focus on outcomes, not processes
Users don’t care about your custody model—they care whether their assets are safe, accessible, and recoverable. AI is redefining all of this—from one-click account setup to risk scoring and real-time fraud alerts. In the future, crypto apps will become as simple and intuitive as banking apps. But AI is also arming attackers. Regulation must evolve alongside technology.
Therefore, we urge regulators to shift from “static process-based” to “principle-based” oversight, building regulatory logic around outcomes to truly protect user asset security.
“Regulators should lay the foundation, then let secure, adaptive systems grow freely upon it.”
The crypto industry is moving from technical exploration to mass adoption. Only by building infrastructure that combines “institutional-grade security” with “consumer-grade experience” can we earn user trust and achieve true global scale.
Cobo is an active builder and driver in this transformation.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News
Cobo
