The Casa Recovery Key is one of the keys in your multisig keyset that is able to sign and send transactions in Casa App.
The recovery key is held by Casa, but cannot by itself be used to spend funds.
The Recovery Key is not intended to be used in normal use of the Casa App. The Recovery key is there just in case you lose access to one of your other keys.
While the Recovery Key is held by Casa, there are additional security features in the app to ensure that only you can access the recovery key. These features vary depending on your membership level.
- At the Gold level of membership, use of the Casa Recovery Key is authenticated by answering a series of security questions that you've chosen.
- At the Platinum and Diamond level of membership, use of the Casa Recovery Key is authenticated with a live video verification call with our Client Services team.
Recovery Key for Gold (2 of 3 Basic Multisig)
When you first set up your 2 of 3 multisig keyset at the Gold membership level, you set the answers to 3 security questions, which you'll need to answer correctly if you ever need to use the recovery key. Once you answer them correctly, there's a 7-day security delay between when you request use of the key, and when the transaction is signed by Casa.
Security questions are one of the best ways to authenticate someone without gathering personally-identifying information.
When you set up your Recovery Key in the Casa App, you are asked to choose from a series of questions and set the answers to them.
We wrote our question options to point users toward something that is memorable to them personally, but not generally available publicly. Two examples are, “What is the name of the first person you kissed?” and “What was the brand of the first alcoholic beverage you tried?” While we can’t be 100% sure that these answers aren’t publicly available for some people, we can educate users not to pick questions that may compromise them. Example: if you raved about your magical first kiss on Facebook for weeks after it happened, maybe don’t pick that question.
To mitigate the risk of in-person attacks, and the risk that your security questions could be correctly guessed, there is a 7-day time delay on recovery signatures after the security questions are answered. This gives Gold members plenty of time to cancel a transaction if it was not authorized.
When combined, these authentication methods provide a compelling solution to the problem of authenticating a recovery without needing extensive KYC data.
If you would like to change your security questions for optimal security hygiene please see Resetting the security questions for Gold members.
Recovery Key for Platinum and Diamond (3 of 5 or 3 of 6 multisig)
Use of the Casa Recovery Key for our premium clients is done via video verification with our Client Services team.
When you first set up your Casa Recovery Key at the Platinum and Diamond membership levels, you have the option to take a "selfie" in the app.
When you need to request use of the Casa Recovery Key, you can schedule an appointment with our team by reaching out to your Client Services Rep. Our team will meet with you directly over an audio-video call to ensure that it's really you making the request, and that you're not under duress.
You can optionally set up a duress word or phrase with our team, so that if the word or phrase comes up during the call, we will not immediately sign your transaction request and can even take additional action on your behalf, such as contacting a family member, if requested.
For our customers who wish to retain a higher degree of anonymity, the image you use as your recovery photo doesn't have to be a selfie - it can be an image of something unique to you that is not necessarily personally identifying, but something that's always with you. Examples of this could be a tattoo that you have, or a watch, or a wedding ring.
The image you use as your recovery photo could also be a common item that's easily obtainable from almost anywhere in the world - an image of a can of Coca Cola, as an example, could be your recovery photo. if you ever needed to use your recovery key, you would simply show a can of Coca Cola during your verification call.
Talk with your Client Services rep as to the customization options you have available with regards to the Casa Recovery Key.