Zerion has partnered with Magic to help new users set up an Ethereum wallet for the first time. Magic is built by the team at Fortmatic Inc, an audited cybersecurity company that specializes in blockchain private key management.
Their Delegated Key Management architecture is a non-custodial solution that delegates encryption and decryption operations to a trusted AWS Key Management Service – thus completely bypassing the Magic backend.
Private key storage
“Physically” speaking, your private keys are stored on Hardware Security Modules (HSMs) provided by Amazon Web Services' Key Management Service (AWS KMS). According to Magic’s security documentation:
HSMs are a lot like popular FIDO [“Fast ID Online”] devices like YubiKeys or hardware-based wallets for cryptocurrency storage such as Trezor or Ledger, but instead, they sit in the cloud, heavily secured by AWS’s data centers. Users' private keys are encrypted by these hardware-based user master keys, which means that attackers need to gain access to these hardware to be able to retrieve the keys, and are forced to stay within Magic's adversarial infrastructure - which is capable to detect, impede, and monitor attacker's progress to prevent and mitigate any damages.
To read more about how Magic optimizes security, check out their extensive documentation.