Case Study

Relai

Securing Bitcoin Wallet Relai with Biometric Multi-Factor Authentication

Download Case Study

Request Demo

Case Study

Relai

Securing Bitcoin Wallet Relai with Biometric Multi-Factor Authentication

Download Case Study

Request Demo

We had two options for our users, the first was to remember an email, password and 12 word phrase and the second was to use Keyless and just look at the camera.

AdemCo-Founder and CTO, Relai

Overview

Relai is a Swiss-licensed financial services provider that makes buying and selling Bitcoin simple and accessible.

With over $1 billion in trading volume and more than 500,000 app downloads, Relai handles tens of thousands of logins, transactions, and account actions every day. Ensuring the security of these activities while maintaining user privacy is especially important in the crypto community.

To meet this challenge, Relai integrated Keyless biometric authentication as it could deliver multi-factor security in under 300 milliseconds with just one look at the device camera.

Download Case Study

The Challenge

In the financial services sector, every user touchpoint carries risk. For Relai, protecting user identity is crucial at all stages, whether logging in, transferring funds, or recovering an account. Financial apps must continuously authenticate users to ensure that the person performing an action is the person that set up the account, not a fraudster who has stolen or broken into their phone.

Before choosing Keyless, Relai relied on a mix of passwords, PINs, and local biometrics (FaceID) to authenticate their users.

Login

Users used to rely on local biometrics like FaceID, but multiple people can register on one device, and failed checks fall back to the same PIN used to set up FaceID.

Step-up actions

For actions like deleting an account, the user had to enter a PIN, which is guessable and does not prove identity.

Account recovery

Relai stores a 12-word seed phrase in-app, unlocked via email verification. But email OTPs are vulnerable to phishing, so an attacker with inbox access could take over the account.

Login

Users used to rely on local biometrics like FaceID, but multiple people can register on one device, and failed checks fall back to the same PIN used to set up FaceID.

Step-up actions

For actions like deleting an account, the user had to enter a PIN, which is guessable and does not prove identity.

Account recovery

Relai stores a 12-word seed phrase in-app, unlocked via email verification. But email OTPs are vulnerable to phishing, so an attacker with inbox access could take over the account.

Relai needed something stronger: a way to reliably authenticate identity across every touchpoint – authenticating users immediately without any friction or compromising privacy.

The Solution

Relai replaced its existing methods with Keyless. Unlike FaceID or other local-level checks, Keyless uses the cloud and sits within the Relai app. It doesn’t assume that the device owner is the account owner. Instead, Keyless authenticates two key factors in less than a second:

The user’s face – matched against the original face set up during enrollment.

The user’s device – ensuring it’s the same or a trusted device from enrollment.

Crucially, Keyless does this in a privacy-preserving manner – as it does not store biometric data anywhere, neither on the cloud or the device.

Keyless now secures critical touchpoints within the Relai app:

Login

Users log in by simply looking at the camera, without any PIN needed for authentication.

Step-up actions

Making sure only the real account can delete their account and change personal details.

Account recovery

Before viewing their seed phrase, users authenticate biometrically. If someone else has access to the phone or email, they still can’t recover the account.

Login

Users log in by simply looking at the camera, without any PIN needed for authentication.

Step-up actions

Making sure only the real account can delete their account and change personal details.

Account recovery

Before viewing their seed phrase, users authenticate biometrically. If someone else has access to the phone or email, they still can’t recover the account.

Why It Works

Strong identity assurance: Biometric and device-based multi-factor authentication, which ties authentication to the real user.

Privacy-first: Biometric data is never stored or exposed, complying with GDPR and beyond.

Effortless UX: A simple, 300 millisecond face scan delivers strong security without friction.

Instant recovery: Protecting the seed phrase with a secure biometric scan.

That’s often why businesses stick with weaker methods like SMS codes or local FaceID – they’re easy, familiar, and already on the device. But SMS can be phished. And FaceID doesn’t prove identity – it just proves someone can unlock the phone.

Keyless avoids this trade-off by offering multiple ways to enroll users - without adding steps or slowing them down.

Looking Ahead

By integrating Keyless, Relai has reduced reliance on seed phrases for account recovery and delivered faster, frictionless logins, whilst protecting their customers’ privacy.

As Bitcoin adoption grows, so does the demand for stronger, user-friendly security. Relai is setting the standard with a model that prioritizes privacy, control, and trust – powered by Keyless.