The role of blockchain in tackling cybercrime
To launch International Cybersecurity Month, we take a closer look at why financial services might turn to distributed ledger technology to tackle illegal activity online.
We know that the volume of data being created is increasing, but it will surprise most people to discover how rapidly data is being created in 2019. It has been mooted that 90% of all the data that has ever been created globally has come into existence in the past two years and that potentially ten times the volume of data that exists today will have been created within the next two years. At that same pace we could see 100 times the volume of data in existence in four years.
Our reliance is going to deepen as the volume of data grows; for these reasons our approach to manage data must fundamentally change.
Cybercrime: are financial services are currently failing?
It is of little surprise that threats on increasingly valuable financial data are coming from much more sophisticated criminals in 2019. Rather than single hacker operations, today organised crime operations and even rogue nations are seeking to exploit breaches in financial data security for significant monetary gain.
And the criminals are currently extremely successful. According to research carried out in 2018 only 1% of criminal proceeds in the EU are confiscated by the authorities, 5% of all transactions reviewed by bank compliance officers are referred to law-enforcement, and 0.5% of all transactions reviewed by bank compliance officers lead to a criminal investigation.
To reverse this trend, financial services providers must take a closer look at the developing technology that is now within reach of the market. Nowhere is this more crucial than how data will be stored and managed. Of these technologies, the most highly touted in many circles in blockchain.
Is blockchain an upgrade over current systems?
For most people who have heard of blockchain, it is in reference to cryptocurrencies, and more specifically Bitcoin. And the media narrative surrounding Bitcoin is often negative. It is often portrayed as the currency of choice for the dark web and a facilitator of criminal activity online such as the Silk Road illegal drugs distribution ring. In particular critics state that the ability to pay anonymously is the major difference between cryptocurrencies and fiat currencies, so its only benefit would be to conceal who is transacting and avoid prosecution.
The lack of global regulation of cryptocurrencies is also a significant concern; many jurisdictions have no cryptocurrency regulation at all, and where there is regulation this varies widely between jurisdictions.
So making the case that blockchain is actually a tool to help prevent financial crime rather than being the facilitator of it is problematic. That case begins by stating that cryptocurrencies are constructed using a blockchain, but that blockchain has far more use cases than supporting cryptocurrencies.
Secondly, when we take a closer look at the characteristics of blockchain technology, we can see that there are some clear advantages over current data storage operations:
1. Data isn’t siloed
Legacy technology means that financial services’ data is siloed, making it extremely difficult for CIOs and CISOs to gain a single view of all the data stored. Not having the ability to monitor and report on this data from a single all-encompassing view gives cybercriminals a huge advantage in accessing systems and committing fraudulent activity without being detected.
2. Greater transparency
In contrast to concerns about anonymity, a blockchain ledger is fundamentally more transparent than other data storage methods because all agents with access to the ledger are monitoring the same data rather than individual copies of it. So a blockchain network operates as a single source of truth, including for regulators and law enforcement agencies that might be monitoring for criminal activity.
3. Data integrity
Data stored on a distributed ledger is accessible in real time, meaning that systems can be actively monitored for fraudulent activity in a more proactive manner. And because there is only a single view of a distributed ledger any edits to the stored data are visible to and verified by every system node. Data is therefore immutable.
Data is encrypted and stored across a network of servers rather than a single server. Information can be shared more securely without the threat of the network being compromised.
5. A new approach to authentication and digital identity
A blockchain network could provide a federated digital identity service, where governments, financial institutions and service providers cooperate to deliver effective customer authentication, a critical defence against cybercrime.
We can see how these characteristics of a blockchain network might deliver significant advantages over current data systems in preventing cybercrime. If managed correctly even cryptocurrencies, might be an efficient payment method that doesn’t play into the hands of cybercriminals. Some of the rules that financial institutions would need to put in place to ensure this is achievable include:
- Enforcing the highest standards of Know Your Customer and Anti-Money Laundering protocols
- All activity on the blockchain must be monitored and suspicious activity reported
- Establish appropriate transaction limits and acceptable use cases
- Exclude jurisdictions where cryptocurrencies are disallowed
Preventing cybercrime is bound to be a pressing priority for financial institutions, especially in the context of the huge increase in the volume of data we already experiencing and will do to a greater degree in the near future.
Distributed ledger technology, in conjunction with artificial intelligence, has huge potential to revolutionise how financial data is stored and shared, and this may be the solution to financially overcoming the threat of cybercrime. This technology might not yet be fully developed, and there will need to be significant buy-in from financial institutions before we see widescale adoption, but we can see that there is already significant interest in this area.
Technology alone will never be the answer to effectively combatting cybercrime on its own; human experience and expertise will always be required to observe systems and detect suspicious activity. But having the right systems in place to manage data in the most secure manner and provide experts with the tools to operate at their most effective is critical to overcoming the challenge of cybercrime. This is where blockchain might be part of a long-term solution.