Preventing Security Breaches in Blockchains

Preventing Security Breaches in Blockchains

Preventing Security Breaches in Blockchains

Blockchain technology has existed since 1982 as a means of storing data in a trustless and decentralised way but was unknown outside the computer science world until in 2008 the whitepaper, ‘Bitcoin: A Peer-to-Peer Electronic Cash System’ showed that blockchain could form the basis of an electronic ‘cryptocurrency’.

Since then Bitcoin and ‘altcoins’ have multiplied in their thousands and while some have been successful, others have been set up as exit scams and subject to data breaches and theft. Blockchains have also been used to power everything from Non-Fungible Tokens to refugee camps.

Although the blocks that make up a blockchain cannot be retroactively altered, this is not to say blockchain is impenetrable by bad actors. For example, recently the Poly Network, a major player in decentralised finance, or DeFi, was hacked and although the money was returned, this proves that blockchain technology is by no means safe.

Blockchains in many forms

Blockchain companies such as Coinbase are by definition FinTechs, and existing FinTechs, like the challenger bank Revolut, offer investment in cryptocurrency alongside other financial services. Other companies such as Citi Bank and JP Morgan are using blockchain to solve long-standing problems, trialling an application of blockchain technology to significantly speed up cross-border transactions, allowing money to be sent internationally almost instantaneously and with greater transparency.

In other areas, such as stock trading, which heavily relies on paperwork and shuts down over the weekend, blockchain technology can be adapted to systems where all participants can easily check and verify trades and execute them in real time, 24 hours a day, seven days a week.

Companies like Figure are also using blockchain technology to provide personal loans and mortgages, again at a much faster turnaround time than the standard industry turnaround. The reason for this is because blockchains allow for easier identity verification and immutable and accurate information, cutting down on the time it takes to approve loans.

Changing the crypto demographic

After nearly a decade since going mainstream, El Salvador is still the only country that considers cryptocurrency to be legal tender, and this has been met with protests. Therefore it makes sense that only 2.3 million people in the UK hold any form of cryptocurrency, compared to the one third of the country that own traditional investments like stocks and shares. Use of other blockchain applications is likely to be rare, and the most recent research on people’s attitudes showed that 70% of survey respondents (.pdf) either hadn’t heard of cryptocurrencies or didn’t know how to define one.

This clearly indicates that FinTech companies have a lot to do before the idea of services being blockchain-based becomes attractive to the wider community, rather than only attracting a wealthy, middle-aged, male and white demographic. Just as important as educating the public about the positive aspects of blockchain technology is reducing the negatives, namely security breaches.

Providing a secure blockchain

Blockchain security breaches can happen in one of two ways; first by editing the historical record itself – performing ‘double spend’ attacks in which the block that records a transaction is replaced with a block that does not. The security breach most commonly seen is the compromise of individual wallets, much the same as fraudsters compromise usernames and passwords on eCommerce sites. So-called ‘hot wallets’, those connected to the internet that contain the public and private keys that make blockchain transactions possible, can and have been hacked.

Therefore, strong cryptography provided by hardware security modules will be key for blockchain-based FinTechs; they store and protect the private and public keys, guaranteeing that both parties in a transaction are who they say they are. Because each node in a blockchain has access to part of the chain, there is no central location where data can be protected behind firewalls, but deploying hardware security modules (HSMs), companies handling sensitive financial data can be as assured as it is possible to be that their blockchain is secure.

Blockchain regulations are continuously evolving, making it difficult to predict what will be compliant in the future. However, HSMs have provided the backbone of security in so many industries and applications that there is no doubt that they will continue being a vital part of securing blockchains in FinTech.

Exit mobile version