Custodial vs self-custody crypto cards.

The two extremes, then the middle

At the extremes:

• Fully custodial: the card issuer holds your unspent crypto in their pool. You have a withdrawal right but not a private key. Examples: RedotPay, Crypto.com Visa, Bybit Card, Nexo Card, Coinbase Card, Bitpanda Card, Brighty, Wirex, Plutus, Bitsa, Fold, Kast.
• Fully self-custody: your unspent crypto stays in a wallet you control via a seed phrase or smart contract. The issuer's role is purely the card-rails layer. Examples: MetaMask Card, Gnosis Pay, COCA, Ether.fi Cash.

Between them sits a third pattern, MPC, which deserves its own explanation.

The four custody patterns, in detail

1. Fully custodial

The issuer operates a custodial wallet. You deposit crypto; they record your balance. When you spend, they convert from their custody at point of sale. The card runs on Visa or Mastercard rails like any prepaid card.

Pros: simplest UX, highest limits (issuer absorbs balance management), broad country coverage, easiest tax-record-keeping (the issuer's statement is enough).

Cons: issuer solvency risk on unspent balance, regulatory enforcement risk (issuer can be ordered to freeze accounts), platform-failure risk (a major incident could affect your spending balance).

2. MPC (multi-party computation)

The private key controlling your wallet is mathematically split into shares held by separate parties. Bleap is the canonical example in our coverage. The shares are typically your device, the issuer's infrastructure, and a third co-signer. Any transaction requires multiple shares to sign.

Pros: no single party can move your funds unilaterally, no seed phrase to manage, biometric authentication. Most of the security benefits of self-custody without the operational burden.

Cons: novel model; recovery depends on the protocol working as designed; third-party share dependency; smaller user base than custodial leaders.

3. Settlement contract self-custody

Your unspent crypto stays in your own wallet (typically MetaMask or similar). At point of sale, an on-chain transaction routes through a settlement contract that reconciles with the issuer's fiat-rails partner. MetaMask Card is the canonical example.

Pros: genuine self-custody, mainstream UX, broad rollout, predictable fees, integrates with existing wallet you may already use.

Cons: settlement contract is a smart contract (audited but not zero risk), requires basic wallet competency, lower limits than custodial leaders.

4. On-chain Safe self-custody

Your Safe (smart-contract wallet) IS the card account. Every spend is an on-chain Safe transaction. Gnosis Pay is the canonical example; Ether.fi Cash uses a related architecture with restaking collateral.

Pros: maximum architectural purity, full on-chain audit trail, no custodial intermediary anywhere in the spend flow.

Cons: steepest learning curve, lowest limits in our coverage, EU-only for both Gnosis Pay and (currently) most settlement infrastructure.

How to think about the choice

Threat models that argue for custodial

• You want simplicity and don't actively distrust regulated EU/UK issuers.
• You need high per-transaction limits ($25k+) that no self-custody card delivers.
• You're new to crypto and seed-phrase management feels too risky.
• You travel frequently and need broad country coverage.

Threat models that argue for self-custody

• You've internalised "not your keys, not your coins" and consider it non-negotiable.
• You're worried about issuer solvency, regulatory freezes, or platform failures.
• You hold significant crypto and don't want a custodial pool of it sitting with the card issuer.
• You want full on-chain audit trail for tax record-keeping (especially relevant in Italy with Quadro RT/RW).

Threat models that argue for MPC

• You want strong security without the seed-phrase responsibility.
• You live in the EU (the current MPC cards are EU-only).
• You want the no-single-party-control property without learning Safes.

The two-card strategy

For most readers serious about crypto cards, the right setup is two cards balancing the custody trade-offs:

• Daily / large spend: a custodial card for high limits and broad coverage. RedotPay is our pick.
• Daily / self-custody: a self-custody card for everyday spend where the custody model matters most. MetaMask Card globally, Gnosis Pay in the EU.

The two cards have non-overlapping risk profiles. Custodial-failure risk on one doesn't affect the other; self-custody operational risk on the other doesn't affect the first. Your spend is diversified across both patterns.

Background reading

• Best self-custody crypto card — ranked picks
• MetaMask Card vs Gnosis Pay — the two self-custody cards compared head-to-head
• How crypto cards work — the underlying settlement architecture
• Crypto card security — practical security across both custody models