Skip to contentSkip to site index
Coinbase Logo
Sign in
Sign up
Company

My Journey as a Product Manager at Coinbase

By Joe Biesemeyer

Tl;dr: Senior Product Manager, Joe Biesemeyer, discusses his journey at Coinbase and the lessons he has learned that have helped build his career as a Product Manager.

Coinbase Blog

5 years ago, I transitioned to product management here at Coinbase. The past 5 years have been a cycle of sprinting, learning, & growing. 5 years ago, I never would have imagined this journey would lead to me owning every customer’s first interaction with our products.

Today, I lead the Identity group—a team of PMs, designers, a data scientist, & engineers. We own Coinbase’s front door: sign-in, sign-up, 2FA, authorization services; and a lot more in between.

When your product is the foundation of your company's trust, and your services are Tier 0 dependencies for hundreds of internal teams, you learn to make decisions differently. The standard tech playbook doesn't always apply. We had to develop our own principles for innovating in a high-stakes environment, which became crystal clear when we decided to introduce Passkeys.

Passkey: A New Front Door for Coinbase

The password has been the default for internet security since its inception, and a widely broken flow. Passkeys, a newer authentication technology, offered a chance to build a safer front door for our customers. The question wasn't if we should adopt them, but when & how.

This was a foundational change. We faced a classic dichotomy - how do we make Coinbase easier to use while also increasing security? Moving too fast could cause mass confusion, lock users out, and damage trust. Moving too slow would leave our users exposed to threats.

Our decision-making focused on a few critical questions:

  • Is the technology ready for our customers? Passkeys were new and the user experience had rough edges across different devices and browsers.

  • Are our customers ready for the technology? How do you introduce a new login method without forcing disruptive change on millions of people?

  • Is it truly more secure? We had to be certain it met our bar for user protection.

After aligning with leaders from Security, Compliance, Legal, and nearly every product group, we made a critical decision: we would go all-in on passkeys, but in a phased approach.

Instead of forcing our users to learn & start using passkey on the spot, we launched passkey support as an optional but highly leveraged feature. This strategy allowed us to champion a more secure standard without risking user lockout or causing frustration. It allowed us to drive passkey adoption toward our goal of 75% while respecting our users' readiness to adapt.

Principles for Building in a High-Stakes Environment

That experience solidified a framework for making critical decisions that I now use daily.

1. The Most Secure Path Must Be the Easiest Path. This principle rejects the old belief that security must come at the cost of convenience. The ultimate goal is to design systems where the most secure action is also the most intuitive and frictionless. When the path of least resistance is also the safest one, you achieve security by default, not by force. This is the thesis behind our deployment of Passkeys. It's why our team's goals are not just about security, but also about improving the ease of use of our platform. We make the best path the easiest one to take.

2. Your Threat Model Is a Core Product Spec. We treat it as a foundational product artifact, as critical as the PRD. It details how an attacker could misuse the system, technology, or authentication stack. Those "anti-user stories" must be designed against from day one. This means our product development is directly guided by our efforts to mitigate threats. We don't just build features and then secure them; we build security-first by making the adversary's goals a core part of the product spec.

3. Define Your "Minimum Viable Confidence." In a high-stakes environment, you can't wait for 100% certainty before you ship. You must define the "Minimum Viable Confidence" required to proceed. This means rigorously identifying the most critical risks and getting certainty on those, while consciously accepting ambiguity elsewhere. For Passkeys, we needed high confidence that the core flow was secure and that our account recovery systems could handle any issues. We did not need 100% confidence that every user would understand it immediately, which is why we made it optional. Meeting that bar of minimum confidence allowed us to ship and learn safely.

Building Your Career on the Frontier

These principles aren’t meant to be comprehensive, or full case studies - they’re pieces I keep top of mind I’ve built over my journey at Coinbase. This is a company that doesn't just hire experienced PMs; it grows them. I was given the opportunity to transition into product here and was trusted with progressively larger challenges—from working on individual features to now leading a foundational platform team.

That’s the story I wanted to share. Coinbase is a place where you can do career-defining work because you are given the ownership and the support to tackle the industry's hardest problems. If you're a builder who wants to solve foundational challenges where the stakes are highest, this is the place to build your career.

Sound interesting? We're hiring! coinbase.com/careers

Disclaimer: This content is for informational purposes only. The views expressed are the author’s and do not constitute financial, legal, or investment advice.

Recent stories

Disclaimers: Derivatives trading through the Coinbase Advanced platform is offered to eligible EEA customers by Coinbase Financial Services Europe Ltd. (CySEC License 374/19). In order to access derivatives, customers will need to pass through our standard assessment checks to determine their eligibility and suitability for this product.