Somebody could be using your personal information right now to commit fraud. The scary thing is, you wouldn’t know until it was too late — maybe you get a credit card bill running into the thousands or an exorbitant cellphone account for a number you don’t own.
You and I could be among the 60m or more South Africans whose personal information was compromised in the country’s largest data breach to date. It’s a very real possibility that our information is on that list (let’s call them the Hunt Files, after the researcher): our ID numbers, names, addresses, genders, birth dates, ethnicities, occupations, marital status and more.
The hack has brought cybersecurity into the spotlight once again. South Africa has the third highest number of cybercrime victims worldwide and loses more than R2.2bn to Internet fraud and phishing attacks annually, according to the South African Banking Risk Information Centre. Gartner predicts that cybercrime might become the greatest threat to every person, place and thing in the world within the next five years.
Clearly, something must change.
Enter the blockchain, a shared, digital, decentralised, secure online ledger that facilitates online transactions — and not just monetary ones. Had the Hunt Files been stored on the blockchain, the hack would never have happened.
The Hunt Files were stored on a central database with questionable security, which is why it was possible to access all the information easily and in one go.
The blockchain is stored on a decentralised database — the blockchain, comprising thousands if not hundreds of thousands of nodes, scattered all over the world. An attacker will need to control more than 51% of the nodes in compromise the database, and the chance of that happening is virtually impossible.
The blockchain uses public-key cryptography, which is one of the strongest form of encryptions available today. It’s used to secure websites, certificates and just about everything on the Internet. Together with the decentralised nature of the blockchain, this means that not even the combined power of the world’s supercomputers could crack the chain. It has stood the test of time for the past nine years, securing hundreds of billions of dollars.
Without the blockchain, our data is “owned” by hundreds of different service providers — banks, telecommunications operators, e-commerce stores and more. This means our information is stored on potentially thousands of different databases that, hopefully, have robust security in place. Clearly, some don’t.
With the blockchain — and with apps like Vinny Lingham’s Civic — consumers regain control of their data. They decide who can access it, for what purposes and for how long. And, when we no longer need the service (for example, when we switch banks), we take our information with us, rather than leaving a copy of it on the bank’s database.
Civic makes it as easy to log into a website as it is to log in with Facebook, except our information is stored on our phones and not in a public database. When we log in with Civic, we scan a barcode on the website that allows the site to only access the bare minimum of information. If it only needs our e-mail address to log in, that’s all it gets. If we were to log in with Facebook, we share a lot more about ourselves than the site needs to know — like personal information, interests and connections.
From next year, Civic will be able to process Know Your Customer (KYC) and anti-money-laundering (AML) requests, making it a viable option for quick, cheap and secure compliance and regulatory verifications.
The biggest challenge hampering the widescale uptake of the blockchain is throughput. The fastest blockchain platforms currently available can process around a thousand transactions a second. When we first started using blockchain for transaction processing, it could only handle around seven transactions — making it ideal for the processing of cryptocurrency transactions at the time.
While we’ve come a long way in a short space of time, we’re still far from the 40 000 transactions processed every second by the likes of Visa and Mastercard. But at the current rate of development, we anticipate serious contenders by the end of 2018.
Many people still believe that the blockchain only has financial applications. But because of the reduced cost and ease of developing decentralised apps, we’re already seeing a lot more use cases, across every industry, including government, healthcare, manufacturing, supply chain and identify verification.
Like the Internet of things, artificial intelligence and machine learning, the blockchain is going to radically change many industries, and now is as good a time as any for businesses to start exploring its use cases and opportunities — especially if they’re still running their operations on legacy infrastructure.
Before embarking on a blockchain project, ensure your team has the skills to develop decentralised apps and that they understand cryptography. Chances are, if you handle any kind of sensitive information, the blockchain will provide an unmatched level of security and user control, helping you to meet governance requirements and to gain the trust of your customers.
The blockchain is going to fundamentally challenge traditional power structures by giving control of information back to the consumer. Innovating in this space is a business’s best defence mechanism. If businesses don’t embrace the blockchain, they may very likely have their own Kodak moment.
- By Wahjid Nasser is technical lead at Entelect