The blockchain technology is one of those inventions that has the potential to change the world. And it definitely will. But is it the anti-fraud solution and the necessary tool in risk management that both companies and governments need?
Although it has become known to the general public due to cryptocurrencies, it is important to know that the use of blockchain is not limited to a single industry and that in the future we will certainly hear much more about it and the successful business projects based on this technology.
In an interview for The Diplomat, Robert Whitaker, Chief Operating Officer for Blockchain Intelligence Group and one of the speakers of FRAUD SUMMIT by SPIA, says that when blockchain technologies reach their potential, they will have the same impact that the Internet had 30 years ago.
Adam Draper, founder and CEO of Boost – a start-up accelerator – and a fourth-generation investor, said that Blockchain replaces trust with mathematical evidence for third parties that an action has taken place. For a private investigator, irrefutable evidence, especially in the case of anti-fraud investigations, is absolutely necessary.
What is a blockchain and what can it be used for?
Blockchain is a decentralized technology, a digital register of encrypted transactions that is duplicated and distributed to the entire network of computer systems in the blockchain: when a new transaction takes place, each block in the chain receives that action’s registration. The system only allows the distribution, not the copying or modification of digital information. Each transaction is registered with an immutable cryptographic signature called a hash, which makes it impossible to change, hack or fraud on the system.
A decentralized database that is managed by several participants is known as Distributed Ledger Technology or DLT.
The concept of blockchain first appeared in 1982, as a protocol, being mentioned by cryptographer David Chaum in his dissertation. The idea was developed 9 years later by Stuart Haber and W. Scott Stornetta, two researchers who wanted to implement a system in which the documents’ temporal logs could not be changed. According to Wikipedia, the first blockchain was conceptualized by a person – or group of persons – known as Satoshi Nakamoto, in 2008. The design was implemented by Nakamoto the following year, as a core component of the Bitcoin cryptocurrency, where it serves as a registry for all the public transactions in the network.
Currently, there are at least 4 types of blockchain network: public, private, consortium blockchains and hybrid blockchains.
A public blockchain is not restricted – anyone with an Internet connection can send transactions and become a validator (ie participate in the execution of a consensus protocol). Among the largest and best known public blockchains are Bitcoin and Ethereum. A private blockchain can only be entered by invitation from the network administrators, the access of the participants and the validator being restricted. The hybrid blockchain is a combination of centralized and decentralized features, while a consortium blockchain is a blockchain register that runs in parallel with a primary blockchain.
From the beginning of this technology’s development, fraud risk management has been an important issue. Transactions are visible to anyone, which provides transparency to companies and customers, helps legal institutions or private corporate investigation agencies in investigating and documenting financial or cyber fraud, and it’s even considered as a voting mechanism in future political elections, due to the low risk of fraud.
Even though, at this moment, the main factor that has attracted attention on the blockchain is the growing popularity of cryptocurrencies, more and more applications are being developed based on this technology, in various services and industries. Blockchain is an incorruptible registry that enforces transparency and bypasses censorship, making the technology widely applicable in areas ranging from automating contract signing and business intelligence investigations, to energy or health.
Smart contracts are a concept of contracts based on blockchain technology, which can be executed/applied in part or in full, without human interaction. Their main feature is that they do not need a trusted third party to act as an intermediary between the contracting entities – the blockchain network executes the contract on its own. This reduces the interaction between entities when exchanging products or services, which is an important step towards increasing transaction automation and optimizing the use of contracts in general. Smart contracts do not yet have a viable version, their legal status being uncertain due to the lack of widespread use.
In the economic and financial industry, the blockchain has attracted the attention of many banks, which have expressed interest in using the technology in the banking sector. They cooperate with companies that create private blockchains and explore how the technology can be used in financial services to increase their efficiency, reduce costs and increase fraud prevention measures.
Blockchain could also be used in anti-fraud and smuggling investigations to detect counterfeit products by associating unique identifiers with products, documents, shipments and storing records associated with transactions that cannot be falsified or altered.
What are blockchain’s risks?
Although it may seem like a solid, transparent and fraud-immune system, blockchain – like any other technology – is not without risks and vulnerabilities. They can make their presence felt from a technical point of view, in the implementation process or in aspects related to investments, legal, financial, operational, security and other fields, whether they are directly or indirectly related to the blockchain.
As a general point of view, we can say that its technology and protocols can be difficult to integrate, one of the causes being the lack of standardization. Once integrated, the risks are transferred to the development of technology, which involves standards and procedures that still need iterations and finishes, challenges related to the protection of personal data and high energy consumption. The risks related to the human factor should not be ignored either.
In short, they are:
- The scalability and speed of a technology are two essential conditions for the rate of adoption and applicability to increase. But, at least for now, the blockchain is slow and limited in its ability to take over and serve a large volume of concurrent tasks. These two vulnerabilities are caused by the fact that, on one hand, any participant can do mining, and on the other hand, each block is published separately, then verified by the other participants who do the mining, which translates into time. In the case of Bitcoin, for example, the maximum size of each block is limited to 1 MB, and the system is designed to publish one block every 10 minutes. When there are several transactions, they have to wait another 10 minutes, and the longer the transactions, the longer the time required to confirm them. Ethereum publishes, on average, one block every 15 seconds and has no size limit for each block, while Elrond can process over 10,000 transactions per second (TPS), with an average duration of 5 seconds.
- High power consumption is another low of the blockchain. Every time the register is updated with a new transaction, the miners have to solve the problems, which also means consuming a lot of energy. However, not all blockchain solutions work the same way. There are other algorithms that have solved the problem. For example, private networks do not face high power consumption because the number of nodes in the network is limited.
- Blockchain never forgets, said Robert Whitaker in FRAUD SUMMIT by SPIA. And data immutability can become a problem, especially when we talk about the right to be forgotten and the right to privacy of any person. Or, if they use a platform developed on blockchain technology, their traces will never be able to be deleted from the system.
- There are several ways in which the blockchain network can be compromised. The 51% attack occurs when an entity controls at least 51% of the network nodes, allowing the attacker to take control of the blockchain. By launching a 51% attack, a hacker can manipulate and modify blockchain information, reverse transactions or initiate double-spending attacks, exclude or modify transactions, affect operations, and impede the confirmation process. Public networks are more vulnerable to this type of attack. A double attack of 51% was successfully executed on the Bitcoin Gold and Ethereum Classic blockchains in 2018, with a damage worth millions of dollars. DDoS attack, in which nodes are bombarded with similar requests, congesting the network and taking it down, breaking the cryptographic code or double spending are other 3 ways in which blockchain technology can be attacked.
- If you have ever lost your house or car key, you have had duplicates or at least the opportunity to make one. This is not possible on the blockchain. The decentralization of technology means that each user has his own bank and takes care of the only key available, a key that opens even his own wallet with money. To access the assets or information that a user has stored in the blockchain, he needs a private key, which is generated by the system when the digital wallet is created. The responsibility for this key lies entirely with the user – if he loses it or if it is stolen, he will permanently lose access to his wallet and its contents, inadvertently exposing himself to a high risk of fraud.
- Implementing blockchain technology is expensive and requires expertise. Although many solutions are open source, the investment that a company must make to implement the blockchain is quite large and covers the solution’s development by a team of specialists, possible licensing costs, interconnection costs with other technologies within the organization and maintenance costs. Not everyone can implement this technology, and blockchain specialists are hard to find and not at all easy to pay for.
- The lack of maturity is, at the moment, another disadvantage of the technology. But it can also be seen as an opportunity for those who will be able to find the necessary solutions to current problems and innovate in the field.
- The lack of standardization, the existence of several types of networks and decentralized attempts to solve current problems result in a lack of blockchain interoperability, ie the inability of chains to communicate effectively. Moreover, many companies and organizations still use old systems and technologies, which still expose them to fraud risk factors.
For a technology to be easy to adopt, integrate and use worldwide, it needs standardization. But the blockchain does not currently have the appropriate standards, precisely because of its rapid growth. Because there are several players working on their own chain or register version and the competition is fierce, blockchain standardization is difficult to achieve. It is equally difficult for them to work together to achieve the main goal, which ultimately leads to security, confidentiality and interoperability risks related.
As a conclusion, we can say that, although blockchain is not yet well enough developed and adapted to be adopted in everyday life, this technology’s advantages cannot be disputed: it optimizes risk management by eliminating human involvement, ensures secure, private, transparent and efficient transactions and it can even be an alternative to banking or securing personal information for the population of underdeveloped countries or with unstable governments.
20 years after its first mention as a research project, in 1991, blockchain is comfortably installed in our lives. Although its name is still closely linked to Bitcoin and cryptocurrencies, blockchain is already being explored and tested in many other applications, making its identity less and less dependent on crypto and its name known to almost every investor who wants more accurate, efficient, secure and cheap operations, with fewer intermediaries.
As we prepare to move into the technology’s third decade, the question is not whether the blockchain will be adopted by companies, but when.