According to research, by 2021, the volume of mobile payments in the USA will overcome $300 billion, while it will reach $6.3 trillion in China in 2020. Mobile P2P payments and transfers are on the rise; new players are popping out, while established leaders are coming with new solutions. More and more people include mobile transfers in their daily routine. Therefore, the question of security is a “hot” topic in fintech. Almost inevitably, blockchain technology is mentioned in connection with sensitive data safety.
Current security challenges faced by banks and money transfer apps
It may sound outdated in 2019, but banks and apps are not as well protected against viruses and malicious software as they must be. There are also phishing and watering holes; hackers attack ATMs on an almost regular basis. In short, attacking methods are evolving as fast as banking and financial services themselves.
Hackers and malware do cause non-stop problems for security departments at banks, but there are other issues. Let’s take SWIFT, for example. It seems that its dominant position in the global processing of transactional messaging is undisputable. However, the system has its problems too. SWIFT is in an urgent need of automation since transactional volumes are enormously huge. This will require a significant overhaul and, inevitable, big investments. SWIFT clients will, of course, feel the cost of this change and will need to look for less expensive alternatives. Another problem is that SWIFT is slow and can’t process transactions in real-time. Moreover, cyber attacks on the SWIFT network are not rare at all.
What’s the solution then? New technologies, like blockchain. According to Hu Yoshida, CTO of Hitachi Data Systems, blockchain can save billions for banks if they’ll stop using slow and costly centralized payment systems.
How blockchain addresses current security challenges
In a nutshell, blockchain eliminates the need for intermediaries like expensive payment systems that are currently handling transactions. Moreover, the operational speed increases significantly. In the traditional scheme involving a clearing company, this process takes up to several days, while blockchain manages it in real time.
It’s also important to mention such cryptography methods as “digital signature” and “hashing” when we consider blockchain as an answer to security problems.
Digital signature (also known as an electronic signature) guarantees the authenticity of an electronic document or a transaction in digital communication. It uses encryption techniques to provide proof of authentic and unaltered documentation; it’s impossible to forge.
Hashing is generating a value or values from a string of text using a mathematical function. A formula generates the hash, which helps to protect the security of the transmission against tampering. When a user sends a secure message (or a transaction), a hash is generated and encrypted and is sent along. The receiver decrypts the hash and the message; then, another hash is created from the message. If the two hashes are identical, then a secure transmission has occurred. This process ensures, therefore, that an unauthorized party does not alter the transaction.
Ok, but what about SSL (Secure Sockets Layer) and 2FA (Two-Factor Authentication) technologies? As the CEO of USDX Wallet Andrey Peshkov explains, although these two methods are widely used, they have their vulnerabilities, making them slow and outdated. Blockchain, on the other hand, provides security, speed and flexibility. Let’s have a deeper look into it.
The SSL cryptographic protocol may be one of the most established and used, but serious flaws have been identified in recent years. There is even the list of security vulnerabilities related to the SSL system. As a result of that, trust in SSL is waning. Reliance on an authentication server or password database – two common targets for attacks – is the main issue of SSL. And that’s where blockchain can change the situation.
“The decentralized ledger can be used by individual parties to create unique cryptographic keys that can verify the information and ensure secure communication. Therefore, there is no need to rely on the most vulnerable aspects of the system”, Andrey Peshkov adds.
In terms of 2FA, blockchain can provide faster authentication process and privacy. 2FA requires users to share sensitive information (phone number, card details, billing address, etc.) with banks/retailers/marketing companies. Blockchain-based payments and transactions are private, fast and secure. Users store their information through attestations, digital tokens, and other references, meaning that there is no need to share it with third parties.
Blockchain and KYC/AML
Blockchain offers tangible upgrades to AML (anti-money laundering) and KYC (know-your-client) solutions. Banks have to perform a massive amount of complicated actions to verify each new customer; the process of data collection and verification can take several months. Now, If the required data was already in a distributed database, lots of steps could be eliminated. The advantage of blockchain here is the following: any changes in the data will be instantly distributed to all network participants. It also provides compliance records of client’s individual actions with regulatory requirements. Another option to use the blockchain is to develop a system for managing personal data. This will reduce KYC and AML processes to a simple automated verification. The SWIFT has already taken the first step in this direction. It was announced that its own KYC registry, which includes data from 1,000+ banks, will be available to trusted partners and customers in the future. This also means that digital IDs in the financial sector is not a faraway future.
In conclusion, the blockchain technology won’t replace SWIFT, AML/KYC or SSL as stated by many enthusiasts. This new technology will provide very significant upgrades and offer unique opportunities to evolve existing systems. At the end of the day, the prosperous future is with those fintech projects which can identify such opportunities and provide disruptive, but scalable and real-life solutions.