Bitcoin security startup Gem opens its platform to the world
Intrigued by the disruptive potential of bitcoin but intimidated by the complexity of developing products and services based on the blockchain technology? You’re not alone, and for good reason. Not only is the blockchain complex, but associated applications have become targets for hackers and criminals.
Bitcoin security as a service startup Gem has opened its developer API to the general public today after nearly nine months in private beta. Venice, CA-based Gem offers multi-signature wallets, multifactor authentication, key generation and storage, broadcasting transactions to the blockchain, security,fraud monitoring and rules enforcement, and other features all as an on-demand service that can be integrated into any end-user experience in minutes with just a handful of lines of code. The company currently supports multiple programming languages, including Ruby, Java, Python, Node.js.
As part of this launch, Gem founder and CEO Micah Winkelspecht announced that the company has raised an additional $1.3 million in a Seed extension round led by KEC Ventures with participation from existing investors First Round Capital, RRE Ventures, ECEG Partners, Birchmere Labs, Baroda Ventures, Amplify.LA, Tekton Ventures, Drummond Road Capital, and Robert Wolfson. Gem (fka, BitVault) has now raised a total of $3.3 million to date.
Gem’s stated goal has been to eliminate the learning curve for bitcoin developers, while allowing the industry to adopt best-in-class security standards to store, encrypt, and backup end user bitcoin assets, without deep expertise in cryptography or security. The company’s API does exactly this by making a comprehensive set of security solutions available at the push of a button. Crucially, Gem never needs to take possession of end-user funds, meaning that relationships between consumer and developer go un-interrupted.
Winkelspecht notes that Gem allows bitcoin developers to adopt, for the first time in the industry, standard banking industry grade (FIPS 140-2 Level 3 certified) Hardware Security Modules (HSMs).
“The entire banking world has been using HSMs for years to secure financial transactions, including Visa, MasterCard, American Express, and even Apple Pay,” Winkelspecht says. “But until now, the Bitcoin industry hasn’t been using them because they weren’t designed for Bitcoin. We fixed that problem.”
Gem takes the approach that neither it, nor any other bitcoin company should be able to access client funds. As a result, the company stores all information related to consumer bitcoin assets on its servers in encrypted form yet neither the company nor the developers using its service have the ability to decrypt this information without private keys known only by the end user. In this way, if Gem’s servers are hacked, no funds will be lost. At the same time, on the downside, if the consumer loses their private keys, the company cannot help them recover their encrypted funds.
This is a dramatically different approach than the one followed by prominent consumer bitcoin wallet companies like Coinbase and Circle, which, more akin to a traditional bank, centralize all client funds in a single account and rely on insurance as a backstop against any potential loss. Others, like Blockchain, take a similar hands-off approach.
In its early days, many bitcoin early adopters were highly skeptical of relying on any third-party company or service to secure their bitcoin assets. Being highly technical themselves, this meant much of the community relied on homegrown or open source solutions – to varying degrees of success. But with bitcoin beginning to go mainstream, the demand for accessible and yet reliable consumer bitcoin security features has quickly outpaced the availability of such products. The frequent hacking of many of the most highly-visible platforms across the industry only emphasizes the need for better security at the consumer level.
"Many developers are eager to incorporate bitcoin into their products and services, but aren’t sure where to start, or are lacking resources to figure it out,” Winkelspecht says. He later adds, “We’ve been speaking a lot with our beta customers, and they’ve told us repeatedly that our API has freed up their development resources to focus on building experiences their customers love. They also feel they can sleep better at night knowing their customers’ bitcoins are safe. They feel empowered, and that was our goal.”