How the Internet Privacy Problem is Solved by Blockchain
The internet has become increasingly insecure. Most of the cyber attacks are targeting valuable information such as intellectual property (IP), health records, personally identifiable information (PII), and financial records, among others. For instance, domain name service (DNS) in 2016 experienced a major distributed denial of service (DDoS) attack which paralyzed most of its services.
So, can blockchain technology help in the fight against cybercrime? According to Ed Powers, Deloitte’s U.S. Cyber Risk Lead, “while still nascent, there is promising innovation in blockchain towards helping enterprises tackle immutable Cyber Risk challenges such as digital identities and maintaining data integrity.”
There are very high chances that blockchain can go a long way into enhancing cybersecurity. It can help through the use of a consensus mechanism to prevent fraudulent transactions. The consensus mechanism can check security by detecting any tampering of data via its transparency, immutability, encryption of data, audibility and no single point failure.
However, according to Cillian Leonowicz, Senior Manager at Deloitte Ireland, “blockchain’s characteristics do not provide an impenetrable panacea to all cyber ills, to think the same would be naïve at best, instead as with other technologies blockchain implementations and rollouts must include typical system and network cybersecurity controls, due diligence, practice and procedures”
Solving the Hacking Problem
According to a report by Equifax, last year, through data breaching 2.9 b of company records were hacked. In addition to that, 143 million personal data information of Americans were breached. To solve these internet security problems, Sovrin network intends to enhance the security with the help of blockchain. According to Phil Windley, the chairman of the Sovrin foundation, the net will make for the first time a secure and private key.
Windley said, "I don't believe there's a ton of people who are suddenly going to wake up this summer and say, 'I need to download a self-sovereign identity wallet for my phone,' …"What's more likely to happen is they're going to go into their bank or credit union and they're going to say, 'We have this new way of logging into your account.' You'll download an app."
With this network, the client and a bank, for instance, will be able to exchange files simply by the client scanning a QR code and all his information is verified.
Besides the Sovrin network, there are other companies as well that are using blockchain to enhance security. Microsoft is working on a digital ID that is blockchain based which is will enable the user to have control over personal information. The information will be encrypted on blockchain and only the user can have access to it.
According to Ankur Patel, Microsoft’s identity division principal manager, “This new world needs a new model for digital identity, one that enhances individual privacy and security across the physical and digital world, … Rather than grant broad consent to countless apps and services, and have their identity data spread across numerous providers, individuals need a secure encrypted digital hub where they can store their identity data and easily control access to it."
Earlier this year, Microsoft joined the ID2020 Alliance, which is a worldwide alliance that is aimed at creating a blockchain based open-source internet identity system for people from all parts of the world. The goal of the ID 2020 alliance is to give common people a legal proof of identification for services like voting, education, housing among other services.
The Digital Wallet
For several years the digital wallet has been used by different cryptocurrencies for the verification of actual funds before buying virtual currencies. The merit of the digital wallet is that it keeps the identity of the client private. Under the digital wallet concept, the verification of funds is done by an institution by giving only the information requested without giving extra information. This is known as zero-knowledge proof.
Under the Sovrin network, the digital wallet was being used to give the user 3 basic rights. One, the user is the sole identity provider. Two, the user controls who can access his personal information and they can change this anytime. And three, the Sovrin network acts as the central governing authority which controls who can be added to the network and who cannot.
The organization that verifies the consumer identity is under the digital wallet referred to as the trust anchor. The trust anchor has the powers to delete and re-issue the user authority.
The user of the blockchain network is protected through the generation of random hash tables. This is a kind of digital signatures which are used to verify the digital information of the user. With the help of the blockchain identifier network, an organization such as a bank has pre-verified information of the client. With this information, the user can approve a transaction through a simple icon.
The characteristics of blockchain such as no single point of failure, availability, traceability, immutability, smart contracts and operational resilience can go a long way in stopping cybercrimes. However, every organization needs to adopt the cyber security controls. This is due to the fact that cybercriminals can find new ways of attaching even the blockchain.
According to Eric Piscini, U.S.’ Deloitte’s Global Blockchain Lead, “while cybersecurity is critical to the large adoption of blockchain, operations, technology architecture, consortium building, talent, and global regulations are key components to be considered as well“. To secure the internet privacy, Deloitte suggests the adoption of blockchain’s 3 risk program, “Secure, Vigilant and Resilient (SVR) cyber approach which will not only support entities to remain secure but also become more vigilant and resilient to evolving cyber threats.”