Solution: Consumer Fintech Bolt-On
A worked walkthrough for the most common partnership scenario we see: an established consumer fintech with a large existing user base wants to add crypto receive, send, and hold to its app — without disrupting login, KYC, customer support, or its existing brand.
The scenario
You operate a consumer fintech app with millions of monthly active users. You already have:
- An existing login system (email-and-password, social login, biometric, or all of the above).
- An existing KYC posture for your users.
- An existing brand and design system.
- An existing customer-support organisation and policies.
- Regulatory permissions in the jurisdictions you operate in.
You want to add crypto. Specifically, you want each of your existing users to be able to receive, send, and hold stablecoins inside the app they already use, with you taking on minimal additional regulatory burden and zero additional infrastructure.
The remainder of this page walks through how a partnership with KryptoGO would shape that integration: which custody model you should pick, how authentication is wired, what ships in under a month, what ships in one to three months, and what needs additional scoping.
Recommended custody model: embedded self-custody
For this scenario the right answer is almost always embedded self-custody through our Mobile Wallet SDK. The reasons:
- Your users do not know what a private key is, and you do not want them to need to.
- You do not want to take on regulatory custody of user assets where you do not have to.
- You want a “lost device” recovery story that does not require your customer-support team to handle seed phrases.
- You want each user to have a wallet that follows them across devices, derived deterministically from the user identity they already use to sign in to your app.
Embedded self-custody, as described in Custody Options, splits each user’s wallet seed into three Shamir’s-Secret-Sharing shares: one in your cloud, one in KryptoGO’s cloud, one in the user’s device secure-storage. No single party ever holds the full key. Your team cannot move user funds. KryptoGO cannot move user funds. A user signing in on a new device recovers their wallet without anyone ever exposing the seed.
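The share split described above, as an added Node.js sketch (not KryptoGO's SDK code). The page states three shares but no threshold, so the 2-of-3 threshold, the prime field and the 32-byte seed length are assumptions made for illustration.

```javascript
// Added illustration, not KryptoGO code: Shamir's Secret Sharing over a prime field.
// The page says three shares; the 2-of-3 threshold and the field are assumptions.
const crypto = require('node:crypto');

const P = (1n << 521n) - 1n; // Mersenne prime, larger than any 64-byte seed
const mod = (a) => ((a % P) + P) % P;
const randField = () => mod(BigInt('0x' + crypto.randomBytes(80).toString('hex')));

function inverse(a) { // a^(P-2) mod P (Fermat), square-and-multiply
  let result = 1n, base = mod(a), e = P - 2n;
  while (e > 0n) {
    if (e & 1n) result = mod(result * base);
    base = mod(base * base);
    e >>= 1n;
  }
  return result;
}

// Split: random polynomial of degree k-1 with f(0) = seed; share i is (i, f(i)).
function splitSeed(seedHex, n = 3, k = 2) {
  const coeffs = [BigInt('0x' + seedHex)];
  for (let i = 1; i < k; i++) coeffs.push(randField());
  return Array.from({ length: n }, (_, i) => {
    const x = BigInt(i + 1);
    let y = 0n;
    for (let j = k - 1; j >= 0; j--) y = mod(y * x + coeffs[j]); // Horner evaluation
    return { x, y };
  });
}

// Combine: Lagrange interpolation at x = 0 recovers f(0).
function combineShares(shares, seedBytes = 32) {
  let secret = 0n;
  for (const a of shares) {
    let num = 1n, den = 1n;
    for (const b of shares) {
      if (b === a) continue;
      num = mod(num * -b.x);
      den = mod(den * (a.x - b.x));
    }
    secret = mod(secret + a.y * num * inverse(den));
  }
  return secret.toString(16).padStart(seedBytes * 2, '0');
}
```

Under these assumptions any two shares rebuild the seed, while a single share interpolates to a value unrelated to it.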
For your merchant treasury — the wallet you use to settle merchant payments to your users, or vice versa — you will additionally use the custodial Asset Pro model. Treasury operations need finance and compliance controls, so the multi-signature workflow is the right fit.
Recommended auth model: your JWT, our verifier
You already have an authentication system. We do not want to replace it. The Mobile Wallet SDK is designed to ride on top of any partner authentication that can sign a JSON Web Token. The flow is:
- Your existing login authenticates the user. Nothing changes here.
- Your backend signs a short-lived JWT identifying that user, using a private key you control. The JWT carries a user identifier in a claim of your choosing.
- Your app passes the JWT to the Mobile Wallet SDK alongside the client identifier we issued you.
- The SDK exchanges the JWT with KryptoGO’s auth backend, which fetches the matching public key from a JWKS (JSON Web Key Set) endpoint you publish and verifies the signature, the issuer, the audience, and the expiry.
- The verified user identifier is composed into a deterministic KryptoGO user ID of the form `custom:<your-client-id>:<your-user-id>`. Same user, every time, across every device they sign in on.
- Your user is now in a wallet view, branded with your theme.
You do not register your users with us as a separate signup step. You do not maintain a parallel user database with us. Your existing user IDs are the canonical reference, and our wallet provisioning happens silently the first time each user touches a crypto feature in your app.
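The verification steps in the flow above, sketched end to end as an added Node.js example (not KryptoGO's auth backend or SDK code). The issuer, audience, `kid`, the `sub` claim, the ES256 algorithm and the client ID are constructed sample values, and a key pair is generated inline where a real deployment would fetch the partner's published JWKS.

```javascript
// Added illustration, not KryptoGO code. Issuer, audience, kid, claim name,
// client ID and the choice of ES256 are constructed sample values.
const crypto = require('node:crypto');

const b64u = (x) => Buffer.from(x).toString('base64url');
const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
// What the partner's JWKS endpoint would serve: public key material only.
const JWKS = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'k1', alg: 'ES256', use: 'sig' }] };
const CFG = { clientId: 'demo-client', issuer: 'https://auth.partner.example',
  audience: 'wallet-auth', userClaim: 'sub' };

// Partner backend: sign a short-lived token for an already-authenticated user.
function signUserJwt(claims, header = { alg: 'ES256', typ: 'JWT', kid: 'k1' }) {
  const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
  const sig = crypto.sign('sha256', Buffer.from(input), { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${b64u(sig)}`;
}

// Verifier: pin the algorithm, select the key by kid, then check signature,
// issuer, audience and expiry before deriving the deterministic user ID.
function verifyAndDeriveId(token, jwks, cfg, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  if (header.alg !== 'ES256') throw new Error('unexpected alg'); // rejects "none" and HS256
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) throw new Error('unknown kid');
  const { kty, crv, x, y } = jwk; // import public members only
  const key = crypto.createPublicKey({ key: { kty, crv, x, y }, format: 'jwk' });
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`),
    { key, dsaEncoding: 'ieee-p1363' }, Buffer.from(s, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const c = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (c.iss !== cfg.issuer) throw new Error('wrong issuer');
  if (![].concat(c.aud).includes(cfg.audience)) throw new Error('wrong audience');
  if (typeof c.exp !== 'number' || c.exp <= nowSec) throw new Error('expired');
  const uid = c[cfg.userClaim];
  if (typeof uid !== 'string' || uid === '') throw new Error('missing user id');
  return `custom:${cfg.clientId}:${uid}`;
}
```

The algorithm is fixed by the verifier's configuration rather than read from the token header, and claims are only parsed after the signature has been checked.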
Architecture, end to end
```
┌────────────────────────────────────────────────────────────────┐
│  Your app (iOS / Android, native)                              │
│                                                                │
│  Existing login ──► Existing user session                      │
│                              │                                 │
│                              ▼                                 │
│  Your backend signs a JWT for this user                        │
│                              │                                 │
│                              ▼                                 │
│  Mobile Wallet SDK.init(clientId, userJWT)                     │
└────────────────────────────────────────────────────────────────┘
                               │
                               ▼
┌────────────────────────────────────────────────────────────────┐
│  KryptoGO platform                                             │
│                                                                │
│  Auth backend ─► fetches your JWKS ─► verifies JWT signature   │
│                              │                                 │
│                              ▼                                 │
│  User provisioned with deterministic ID                        │
│                              │                                 │
│                              ▼                                 │
│  Mobile SDK provisions wallet, splits seed into 3 shares       │
│    ├── share 1 ─► your cloud                                   │
│    ├── share 2 ─► KryptoGO cloud                               │
│    └── share 3 ─► user’s device secure-storage                 │
│                                                                │
│  Mobile SDK renders wallet UI in your theme                    │
└────────────────────────────────────────────────────────────────┘
                               │
                               ▼
               Public blockchains (multi-chain)
```
For your merchant treasury, your operations team logs into the Studio control panel (in your branded subdomain, if you have one), reviews and approves Asset Pro transfers under a Maker / Approver / Signer workflow, and triggers payouts programmatically through the Studio API.
What ships in under one month
A focused team of two or three engineers on your side, with us providing integration support, can ship the following inside a single calendar month:
- Mobile Wallet SDK integration into your iOS and Android apps. The SDK ships as pre-built iOS and Android packages embedded into your existing apps via a method-channel bridge. Your platform engineers integrate the SDK; your backend engineers wire the JWT issuance.
- Authentication handshake. Your backend exposes a JWKS endpoint with the public key that matches the private key your backend uses to sign user JWTs. Our auth backend is configured with your issuer, audience, and the claim that holds the user ID.
- A basic wallet UI inside your app. Balance, receive address with QR code, send to an address or a QR-scanned destination, transaction history. Branded with your theme through our white-label configuration.
- Multi-chain support. EVM chains (Ethereum, Arbitrum, Optimism, Base, Polygon, BNB Smart Chain, KCC, Ronin, Oasys) plus Solana, Tron, and Bitcoin send and receive — all supported by the SDK out of the box.
- Six-language localisation. English, Traditional Chinese, Simplified Chinese, Japanese, Korean, Vietnamese — all bundled in the SDK with over-the-air updates.
- Production sign-off on your side. Penetration testing of the integration surface, performance budgets, customer-support runbooks.
The limiting factor here is your release calendar, not engineering. The SDK has been deployed in production by partners with comparable user counts.
What ships in one to three months
In the same quarter, you can also ship:
- Stablecoin payment acceptance for merchants in your ecosystem. Your merchants can take USDC and USDT from any wallet. Settlement lands in their KryptoGO-managed receive address; you can choose to sweep settled funds into your own custodial pool through Asset Pro.
- Asset Pro custodial treasury for your merchant pool. Your operations team logs into Studio, sets daily transfer limits per operator, and processes payouts under a multi-sig workflow.
- Stripe-powered fiat on-ramp inside the wallet UI. A user can buy stablecoins with a card directly from inside your app. Coverage depends on Stripe’s geographic footprint in your target markets.
- KYB workflow for your own organisation and any sub-organisations you operate. If your jurisdiction requires you to operate KYB on the entities you serve, our compliance suite handles it.
- RBAC for your operations and finance teams. Granular roles inside Studio so that, say, only your finance lead can adjust transfer limits and only your CFO is a Signer.
- Webhook integration into your own backend for transaction lifecycle events. Payment-intent callbacks are signed with HMAC-SHA256 with replay protection.
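A receiver-side check for the signed payment-intent callbacks mentioned in the last item, as an added Node.js example (not KryptoGO's code or documented format). The page gives no header names or signing string, so the `timestamp.rawBody` signing input, the hex encoding, the 300-second window and the event fields are assumptions.

```javascript
// Added illustration, not KryptoGO code. The signing string, hex encoding,
// tolerance and event fields are assumptions; use the vendor's documented format.
const crypto = require('node:crypto');

const TOLERANCE_SEC = 300;       // assumed freshness window
const seenEventIds = new Map();  // event id -> timestamp; use a shared store in production

// Assumed scheme: signature = hex(HMAC-SHA256(secret, `${timestamp}.${rawBody}`))
function signCallback(secret, timestamp, rawBody) {
  return crypto.createHmac('sha256', secret).update(`${timestamp}.${rawBody}`).digest('hex');
}

function verifyCallback({ secret, timestamp, signature, rawBody },
  nowSec = Math.floor(Date.now() / 1000)) {
  const ts = Number(timestamp);
  if (!Number.isInteger(ts)) return { ok: false, reason: 'bad timestamp' };
  // 1. Authenticate over the raw bytes as received, never re-serialised JSON.
  const expected = Buffer.from(signCallback(secret, timestamp, rawBody), 'hex');
  const given = Buffer.from(String(signature), 'hex');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    return { ok: false, reason: 'bad signature' };
  }
  // 2. Freshness: the timestamp is covered by the MAC, so it cannot be rewritten.
  if (Math.abs(nowSec - ts) > TOLERANCE_SEC) return { ok: false, reason: 'stale' };
  // 3. Replay inside the window: each event id is processed once.
  const event = JSON.parse(rawBody);
  if (typeof event.id !== 'string') return { ok: false, reason: 'missing event id' };
  if (seenEventIds.has(event.id)) return { ok: false, reason: 'replay' };
  seenEventIds.set(event.id, ts);
  // Ids older than the window can be dropped; the freshness check rejects them anyway.
  for (const [id, t] of seenEventIds) if (nowSec - t > TOLERANCE_SEC) seenEventIds.delete(id);
  return { ok: true, event };
}
```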
What needs additional scoping
These items are common asks in this scenario and should be flagged early in a discovery call rather than at the end of an integration:
- Custodial treasury support for additional chains. Asset Pro currently covers Ethereum, Arbitrum, Optimism, Base, Polygon, BNB Smart Chain, and Tron. Solana support in custodial treasury is on the roadmap. If your merchant payments rely on Solana settlement, we will need a scoping conversation.
- Webhook subscriptions for Asset Pro transfers. Today partners poll the transfer-history endpoint for status. Push-based webhooks for Asset Pro transfers are planned; if you need them on day one, we will need to scope the work jointly.
- Cross-chain settlement. If your merchant treasury holds USDC on Arbitrum but a payout needs to land on a different chain, you will need an aggregator integration that we are currently scoping.
- A fully white-labelled reseller portal, where you operate a merchant-facing Studio under your own brand for your own sub-merchants. The reseller architecture is in design and we are happy to discuss timelines for a flagship partner.
- Custom hardware-based custody for high-value treasury sign-off beyond the existing TronLink integration.
Compliance posture inherited
When you partner with us under this model, your users transact through infrastructure operated by:
- A Taiwan-licensed VASP entity.
- An ISO 27001 certified information-security program.
- An ISO 27701 certified privacy program (KryptoGO was the first blockchain company in Taiwan to hold both).
- A SOC 2 Type II examined operation.
- An independent Cure53 security audit.
- A documented incident-response procedure with regulatory-notification timelines.
Customer data is encrypted at the application layer. Wallet keys, where we hold them, sit in a managed key vault. KYC and KYB workflows are powered by leading IDV providers under our regulator-approved policies. Sanctions screening runs on every onboarding and on every flagged transaction. Domestic Travel Rule compliance is in place; international Travel Rule support is expanding alongside regulator guidance in your target markets.
Your legal counsel will want our SOC 2 report, ISMS summary, and the Cure53 audit summary during procurement. We supply all three under NDA.
A realistic 12-week timeline
| Week | Workstream |
|---|---|
| 1 | Kick-off, joint scoping, security review, paperwork |
| 2 | KryptoGO provisions your client ID, custom-auth application, JWKS configuration; you stand up the JWT-signing endpoint on your backend |
| 3 | Mobile SDK integrated into your iOS app build; basic wallet UI rendering inside dev builds |
| 4 | Mobile SDK integrated into your Android app build; theme integration, language switch, error states |
| 5 | End-to-end testing on testnet across both platforms; performance and bundle-size budgets confirmed |
| 6 | Production sign-off on the embedded wallet; soft launch to internal users and a beta cohort |
| 7 | Studio onboarding for your operations team; RBAC roles and operator daily limits configured |
| 8 | Asset Pro treasury setup; pre-funding flow tested; multi-sig roles assigned |
| 9 | Payment-intent integration for merchant acceptance; webhook handler on your backend; HMAC verification tested |
| 10 | KYB sub-flow for your sub-merchants if applicable; compliance dashboard walk-through with your compliance team |
| 11 | Pilot launch to a wider user cohort; observability and incident-response drills |
| 12 | General availability launch; commercial reporting cadence agreed |
This is a realistic plan, not the fastest possible plan. The fastest possible plan is shorter; we will tell you so during scoping.
Where to go next
- For the underlying custody mechanics, see Custody Options.
- For the underlying compliance posture, see Compliance & Certifications.
- For the wallet-specific use-case page, see White-Label Wallet.
- For the payment-acceptance use-case page, see Accept Crypto Payments.
- To start a partnership conversation, contact our partnerships team via the address on www.kryptogo.tw.