# Coinbase’s Security Incident Highlights Why Embedded Wallets and On-Device Self-Custody Matter

> How a support-layer breach reveals the hidden risks in the custody chain, and why embedded wallets with on-device key storage offer a more secure alternative.

**Published by:** [RallyProtocol](https://blog.rallyprotocol.com/)

**Published on:** 2025-05-15

**Categories:** crypto, onchain, custody, embedded, wallets

**URL:** https://blog.rallyprotocol.com/coinbases-security-incident-highlights-why-embedded-wallets-and-on-device-self-custody-matter

## Content

**TL;DR:** A recent security incident at Coinbase, stemming from bribed third-party support agents, highlights the value of minimizing intermediaries in wallet infrastructure. This post explores how embedded wallets with user-owned, on-device custody offer a more secure foundation for mobile-first onchain apps.

### Lessons from the Coinbase Incident

In a recent blog post, Coinbase disclosed an extortion attempt by cybercriminals who bribed overseas customer support agents. Those agents leaked customer data, which the attackers then used in targeted social-engineering attacks against the affected users. Crucially, no private keys or passwords were leaked, and the company moved quickly to reimburse affected users.
But the real issue is not the attack itself; it is the third-party custody and support layer that created the entry point in the first place. The attackers did not need to break the cryptography or the code: an employee with legitimate access to customer records was enough.

### Centralized Custody: Still a Single Point of Failure

For all its user-friendly interfaces and institutional credibility, centralized custody introduces systemic risks:

- Support agents can be bribed or socially engineered.
- Sensitive metadata (emails, balances, behavioral patterns) is exposed to the custodian's staff and internal tooling.
- Users do not actually control their keys or signing privileges; the custodian does.

This undermines the core ethos of Web3: ownership without intermediaries.

### Embedded Wallets: Reducing the Human Attack Surface

Embedded wallets offer a fundamentally different model: users control their keys from the start, and those keys are generated and stored on their own devices, so there is no server-side key material for an insider to leak. Here is what user-owned, on-device custody via embedded wallets provides:

- No centralized customer support layer with access to user accounts or signing capability.
- Programmable controls for gasless transactions and session management.
- Keys stored on the device or protected by passkeys, biometrics, or secure enclaves.
- Reduced liability for you, the developer.

One caveat a practitioner should keep in mind: on-device custody removes the custodian as a target, but it moves key-loss and device-compromise risk to the user and the app. The recovery path (social login, passkey sync, backups) becomes the new sensitive surface and deserves the same scrutiny a custodian's support desk should have had.

Platforms like RallyProtocol offer permissionless SDKs for building mobile-first, embedded wallet flows that feel like Web2 but behave like Web3.

### Why It Matters for Mobile-First Apps

If you are building a mobile dApp, the UX needs to be seamless: no copy-pasting seed phrases or redirecting users to browser extensions. But you also need to ensure users truly own their assets. By using open and permissionless developer tools for mobile, you can:

- Build intuitive onboarding with auto-generated wallets.
- Support social logins with underlying cryptographic safety.
- Avoid custodial compliance burdens (you never touch the funds).
- Design and own the entire onchain experience without compromising user custody.

### Final Thoughts

The Coinbase incident was not about bad tech; it was about bad incentives and centralized risk.
As developers, we can design systems that are resilient not just to code exploits but to human ones. Embedded wallets with on-device custody let us build for a future where users hold the keys, and developers build on trust rather than compromise.

### About RallyProtocol

RallyProtocol is an open and permissionless onchain mobile toolkit designed to help developers build seamless, secure crypto-native experiences. With features like embedded wallets and gasless transactions, Rally enables apps to support self-custody from day one without compromising on UX. Whether you are building in Flutter, Unity, React Native, Expo, Swift, or Kotlin, RallyProtocol gives you the tools to go onchain, mobile-first, and user-first.

## Publication Information

- [RallyProtocol](https://blog.rallyprotocol.com/): Publication homepage
- [All Posts](https://blog.rallyprotocol.com/): More posts from this publication
- [RSS Feed](https://api.paragraph.com/blogs/rss/@rallyprotocol): Subscribe to updates
- [Twitter](https://twitter.com/rallyprotocol): Follow on Twitter