The BitPay debacle has demonstrated one thing above everything else: We aren’t a mature, professional industry just yet. While most of us have known that for a long time, the recent events underline the fact that even at the upper echelons of the industry, we still have amateurish security practices and behavior.
The silver lining to the Mt. Gox failure was supposed to be that it acted as a cleansing event, an event that caused industry as a whole put on their big boy pants and started making Bitcoin live up to its promise of a secure digital currency.
Of course, Bitcoin is a secure digital currency, but with continual hacks to third party services, it doesn’t look like that from the outside. Furthermore, it simply isn’t secure for the average consumer. It is one thing to tell the relatively tech savvy early adopters of bitcoin (which includes most CoinJournal readers) to secure their bitcoin using offline wallets and multisig wallets, it is another thing entirely to get the average American, whose main exposure to “geek culture” is the Big Bang Theory, to follow those practices.
People are used to banks and Paypal and Apple handling their security. They don’t have any understanding on how to do it themselves and there is scant evidence that they are interested in learning.
Bitcoin needs exchanges, and it needs simple web wallets where the average user can hold their cash. Perhaps with an extensive education campaign, and a service that makes it simple, we could convince a number of of the mainstream users to keep their Bitcoin savings in paper wallets, but if we want them to spend bitcoin and contribute to the economy, asking them to download their own copy of the blockchain and hold their own private keys and do everything they need to do to keep their hot wallet both safe and accessible, is unrealistic.
There are plenty of services that make Bitcoin simple. Coinbase, Circle, BitPay, BitReserve, Bitstamp, they are all relatively simple to use and could be figured out by anyone with a minimum understanding of technology. The problem is that every event like the BitPay debacle lessens the trust for all those other services. It is harder for me to recommend any Bitcoin exchange or webwallet to new comers after the hack than it was before the hack.
We shouldn’t forget that BitPay took the hack on the chin and didn’t pass the loss onto their customers (though, it could be argued that their recent price hike might be a round-about way to do just that).
But when they sued their insurance company, their lax security practices came out in the discovery process and that hurt their reputation as much or more than the hack itself did. It is one thing to think they lost a few thousand bitcoins to the internet’s most sophisticated hacker, it’s another thing when the hacker simply asked for it from a hacked email address.
Hardware wallets, like Satoshi Lab’s Trezor and several others, do offer a relatively simple and absolutely secure way to hold your own bitcoins. It hasn’t been a perfect solution, the cost of entry is relatively high (especially when considering third world markets) but it has been a definite step in the right direction. Advocates can at least tell newbies that if they are going to invest heavily into bitcoin, they are best off with a hardware wallet.