Among worldwide central banks, offering Central Bank Digital Currency (CBDC) wallets is viewed as one fundamental way to overcome a two-fronted challenge they currently contend with. On the one hand, consumers are using less physical cash, which subverts public confidence in the fiat monetary system. At the same time, central banks are not oblivious to the fact that Meta, Facebook, Google, and other big tech juggernauts have or still have aspirations to issue their own currencies. Given these platforms' gigantic user bases, introducing their respective digital currencies would further destabilize economic influence.
Additionally, people have less faith in the cryptocurrency market. After the crypto crash last year, there is a smaller appetite for storing digital currencies and assets, resulting in innovative cold wallet solutions.
For these reasons, the case for CBDC wallets has lately gained considerable attention from central banks, wallet solution providers, and smart card vendors active in the mobile/digital wallet space.
Functions That CBDC Wallets Must Provide
When the Bank of International Settlements (BIS) recently surveyed 81 central banks, 90% indicated they are exploring the idea of CBDCs. Over half of the surveyed central banks are already developing CBDCs or conducting experiments.
As worldwide monetary systems get further intertwined with CBDCs, yesterday’s traditional banking services will be complemented with CBDC wallet solutions.
Wallet providers that plan to target central banks with CBDC wallet solutions must hit on the following four key points to facilitate a smooth transition:
- Transaction Authentication: Many security breaches occur at the transaction level, making user authentication vital to CBDC wallet trust. A CBDC wallet needs to provide guarantees that only the authorized user can send and receive stored currency.
- User Authentication: CBDC wallet providers must develop assurances for users, especially as banking app users are already wary of security threats. A simple Personal Identification Number (PIN), password, Fast ID Online (FIDO), or biometrics are all effective ways to confirm a user’s identity before the wallet is accessed.
- Balancing Privacy and Transparency: Privacy is the number one attribute potential CBDC customers care about. But CBDC wallets are inherently traceable by governments and law enforcement. Wallet market players must find a happy medium between asset visibility to authorities and user data privacy.
- Practical User Interface: A functional user interface is essential for any modern device, and CBDC wallets are no different. CBDC wallet platforms should make it easy for users to read the information on the display with clear outlines. User interfaces also tie in with security, as an unsecured display is sometimes the origin of a breach.
Hot or Cold?
At present, the CBDC market is undecided between hot and cold wallets. A hot wallet enables simplified use and takes away much of the stress for citizens to manage their own coins and private keys, but it is more vulnerable to malicious activity.
A cold wallet solution would provide greater security and self-determination. Still, it would be near impossible to recover if a private key is lost and would become complex for the less tech-savvy, such as the elderly.
Ultimately, the CBDC wallet solution must be as readily available to citizens as a standard payment card, as governments and central banks are also responsible for catering to non–mobile users. The regular smart card format, or dongle device, could be a potential solution to facilitate this.
Related Content:
74 Technology Trends To Expect in 2023
Securing the CBDC Wallet at the Hardware Level
Security is one of the most important factors for banking customers. For example, a recent FICO consumer survey found that good fraud protection is the top consideration for Americans when they consider a new financial account.
If central banks can’t effectively protect user privacy when they use a CBDC wallet, the market will not realize its full potential. Therefore, there is ample opportunity for wallet providers to distinguish themselves—in the eyes of central banks—by incorporating reliable security solutions.
To keep CBDC wallets safe from malicious actors, such as cybercriminals, try using the following hardware security features can be utilized:
- Embedded Secure Elements (eSEs) are getting popular for secure hardware wallets that make data extraction extremely difficult. By compartmentalizing information, eSEs make it so that a stolen chip from a CDBC wallet would have a limited amount of information that can be stolen. Thankfully, eSEs are compatible with various form factors, such as Universal Serial Bus (USB) technology, smart cards, and mobile devices.
- Physically Unclonable Function (PUF) refers to a type of root-of-trust technology that secures private keys stored within the device. PUF circumvents security breaches of the CBDC wallet by generating random patterns in the silicon to distinguish chips from one another. The hardware root-of-trust is formed when the PUF generates a unique random number to create a seed device Identity (ID) and cryptographic keys.
- Trusted Platform Modules (TPMs) provide the benefit of an isolated security solution for a storage wallet that enables the secure creation of cryptographic keys. TPMs leverage true random number generation for wallets. Although they come at a higher cost and are typically used for higher-end Internet of Things (IoT) devices, TPMs provide other security capabilities like remote attestation and sealed storage.
Connect with ABI Research
To keep your eye on the latest payment technology developments, including CBDC wallet updates, subscribe to ABI Research’s Digital Payment Technologies Research Service.
Our service will provide you with comprehensive analyses of contemporary and future payment methods and the technologies that are shaping the future of the payments market. Our content will keep your organization one step ahead of your competitors with unique perspectives backed up by industry interviews and market data.