Hardware wallet provider Ledger is facing backlash over its latest firmware update, which introduces Ledger Recover, a service that lets users link their seed phrase to their passport or identity card. Although the service is opt-in and charges a monthly fee, concerns have been raised about the security risks it introduces.
To use the service, users must provide their passport or national identity card for identity verification. Three encrypted fragments of the seed phrase are then stored by Ledger, Coincover, and a third provider, each on a hardware security module (HSM). Some users are uneasy about making the security of their seed phrase depend on these three companies.
While Ledger emphasizes the safety of the fragmented storage scheme, citing its use of HSMs, critics argue that the approach still carries risk. They point to the potential for data breaches and to the possibility of attackers abusing the recovery process itself to obtain users’ seed phrases.
Ledger’s previous data leak in 2020, which exposed customer information, adds to the skepticism. Users question the wisdom of backing up seed phrases online and entrusting personal identification documents to a company that has experienced such security incidents.
Ledger maintains that the process is secure, pointing to the use of liveness detection and human review during recovery. Skeptics counter that exporting the seed phrase and handing over government identification expands the attack surface and invites new forms of attack, such as identity theft.
The concept of seed phrase recovery is not dismissed outright; alternatives such as social recovery, in which users designate trusted individuals or wallets as guardians, are suggested as more secure options. That approach lets users keep control of their wallets while avoiding the risks that come with sharing personal identification documents.