As financial services set about reforming their business with blockchain technology, a report from an EU security agency has highlighted a number of security concerns around distributed ledger technology (DLT).
In its report – Distributed Ledger Technology & Cybersecurity – the European Union Agency for Network and Information Security (Enisa) states: “The speed and cost of doing business using distributed ledger technology is expected to improve by simplifying back-office operations and lowering the need for human intervention. However, a number of security concerns around this new technology remains.”
The paper identifies some of the challenges of using blockchain, including: key generation and management, smart contract management and scalability. Key management is a challenge in the use of traditional technology as well as blockchain. It means the process by which activity on an account is authorised and the challenge is to prevent any unauthorised access. The report states: “Unlike with traditional systems, where before a server administrator was capable of tracking attempts to break into a customer or user account, the malicious users can keep trying limitlessly to decrypt or try to reproduce a private key out of encrypted data from a given ledger. With Blockchain, there is no way of knowing this is happening until after the hacker has succeeded.”
Cryptography is another of the main challenges for financial institutions while considering the implementation of blockchain-based processes. The report says that the main challenge associated with cryptography is that “stringent policies and procedures must be followed when managing keys, including people, processes and technology”.
The report goes on to discuss code review and privacy, as well as some of the more specific challenges related to blockchain, including 'consensus hijack', in which a hacker is able to take control of a majority of other users in order to manipulate the network or validation process – known as a “51% attack”.
The other challenges discussed in Enisa's report are:
- consensus hijack
- exploiting permissioned blockchains
- distributed denial of service
- wallet management
- smart contract management
- governance controls
- anti-fraud and anti-money laundering tools
Enisa works with the EU, its member states, the private sector and European citizens to develop advice and recommendations on good practice in information security.
Blockchain could save banks $12 billion a year
2017 is already showing signs of how blockchain will develop and shape financial services in the near future, with trade finance platforms and huge savings for financial institutions
Financial services face huge digital challenge
The digital transformation challenge – or the fourth industrial revolution/4IR – necessitates a huge transformation in how financial service institutions and providers operate
Explained: the future of blockchain and possible impact on financial services
Blockchain, essentially a giant network, which records ownership and value, is being hailed as the second coming of the internet. Raconteur break down its future in 8 charts