New iPhone-Controlled Crypto Vault Promises 'Bank-Grade' Security

Trustology, founded by technologists who previously worked at such banks as BNY Mellon, RBS and Barclays, has launched an iPhone-controlled crypto vault it claims is secure enough for financial institutions.

At first blush, TrustVault might look like another crypto wallet phone app.

"It allows you the ease of a mobile phone, but really what we always talk about is a TrustVault account. If you mention the phone, people think it's just a phone app. But that's a bit like saying my bank account is just the mobile bank app. It looks like a simple app, but the real power is in the service behind that."

Like a bank, Trustology identifies its customers upfront, and if the phone is lost, the account can be recovered with the company since the private keys to the crypto wallet are not stored on the device.

A slew of blockchain phones has hit the market of late, such as the Samsung Galaxy S10. or the HTC's EXODUS 1.

For now, TrustVault is only compatible with iPhone because historically it's the only phone with an enclave secure enough for this type of custody service, Batlin said.

When the app is launched, a cryptographic private key is created in the iPhone enclave, followed by bank-grade know-your-customer process which ties the non-extractable key to the user's identity.

The next step is to create a key account with TrustVault, a request which is signed by the private phone key.

A private key is then created inside the HSM and a "Policy file," which associates the key inside the phone with the one inside the HSM. From there, the user's public address becomes the equivalent of a bank account, said Batlin.

"To move money you have to be able to sign the transaction with the key inside your phone and send it to us. We then load the appropriate policy file and then only if that key is mapped to the key inside the HSM do we re-sign that transaction with the real key inside the HSM.".