Connect with us

Technology

Privacy-Focused + Privacy Centric Blockchains

Published

on

Privacy-Focused + Privacy Centric Blockchains

By David Freuden

While encryption is the best protection in regards to privacy, protecting your personal data must begin with an action taken by you. Only through the lens of data ownership can we begin to answer the question of: “Who/What will protect my privacy?” It won’t be legislation, as governments themselves are often those who are seeking more information on their citizens. This may be taking place either directly or indirectly via coercion, legislation or subpoenas directed at the ever-growing number of corporations that collect, store and share your personal information.

The new field of blockchain-enabled encryption offers significant opportunity to improve privacy and the controls around it. However, it is important to understand that not all blockchains are privacy-conscious, and fewer still are those that are privacy-centric.

Privacy Blockchains: By Approach

Looking at blockchain through the lens of privacy there are two core categories, Transparency and Privacy:

Transparency: Bitcoin & Ethereum. No information is hidden. This is good for blockchain analysis and honesty, but It is bad for user protection and privacy. Block Explorers, an open-source web tool, allows anyone to view information about blocks, addresses, and transactions on the Bitcoin and Ethereum blockchains.

It is relatively easy using solely blockchain analysis and the addresses of known public entities (businesses, organizations) to discern what address a person may be associated with, and where the funds are coming from/going to. Worse yet, when you pay someone from an address owned by you, reverse lookups are possible using a blockchain explorer. This means anyone you send bitcoin to can then look-up your address and, in turn, know precisely the amount of bitcoin stored at that address.

Privacy: Monero&Zcash. These use different approaches than Bitcoin and Ethereum, but it is worth noting that they both need a certain degree of transparency. This transparency is necessary for the logistics of:

  1. a) Ensuring that transaction gets from A-B (and related auditing by third parties)
  2. b)Preventing double-spends and counterfeiting

The privacy-focused blockchains, regardless of approach, are bound together by a common value: Privacy should be a choice. Bitcoin’s transparency is viewed as problematic by all projects actively pursuing a means to keep information private, while also being posted publicly on a ledger. In a way, this is the closest realization to a tangible “use case” that exists in crypto, apart from the concept of a decentralized ledger.

Privacy-minded blockchains also have two important differentiating subsets:

◦ Opt-In Privacy: For example, Zcash, where all transactions are transparent by default. This results in (as of Nov 19th, 2019) roughly 87% of the Zcash network’s daily transaction volume being completely transparent. As a result, the latter 13% is much more easily deduced by analysts. You can see this on the Zcash explorer

With the “Opt-In” approach, transparency is the default. Privacy is an elected option.

◦ Opt-Out Privacy: For example, Monero, where all transactions are opaque by default.

This results in 100% of the network being opaque to onlookers with the exception of users who have chosen to share their information. Users may choose to do this for various reasons such as the need for a third-party audit. To do this on Monero’s network, users would provide a recipient’s address and a transaction-specific private key to that third party. These actions will make that transaction’s data visible to the party with whom this info is shared.

With the “Opt-Out” approach, privacy is the default. Transparency is an elected option.

The Benefit of Competing Solutions

Blockchain projects taking different approaches toward the solution of establishing of choice-centred privacy is critical. Not just with blockchain but for privacy globally. The topic of individual privacy continues to make headlines around the world and is already influencing governments to enforce new legislation that is designed to protect privacy, such as the GPDR that was introduced in May 2018. As blockchain continues to grow and be adopted around the world it’s important that this new technology provides improvements in privacy and control of privacy.

  • The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individual citizens of the European Union and the European Economic Area. It also addresses the transfer of personal data outside the EU and EEA areas.

As noted in my article Privacy, Your Personal Information and How To Protect Them, one of the most recent advances in technology that offers a significant advancement in privacy and security is Blockchain.

Leading Approaches toward a Privacy-Conscious Blockchain

The two examples mentioned previously, Zcash and Monero, are the two most well-known privacy coins in the market, being launched in 2016 and 2014 respectively. Their end goal is the same, but they use different mechanisms and approaches.

  • Zcash (ZEC) is a fork of the Bitcoin protocol and attains privacy via the use of zk-SNARKS, a zero-knowledge privacy protocol.
  • Monero (XMR)is a fork of Bytecoin, which has a completely different underlying protocol that Bitcoin called CryptoNote. Monero maintains the privacy of its senders, its transactions, and its receivers via ring signatures, ring confidential transactions, and stealth addresses respectively.

There are many other privacy-centric blockchains, most of which are forks from either Zcash or Monero. The reason for forking is that developers may believe there are significant improvements or advantages that can be offered to users. Forking into a new project from existing protocol enables new projects to keep the best of what exists and add new features and functionality towards the shared goal of user-controlled privacy and security. As a result, the most innovative projects are oftentimes more agile as a project than the blockchain titans they are forked from. Having a smaller userbase and ecosystem, they are able to react more quickly to newly arising issues and make changes with less notice and impact on their users.

Three projects of interest within the Zcash ecosystem, which epitomize innovation:

Komodo [KMD]: Komodo was launched prior to ZEC, after Zcash source code had been made public. Komodo has rolled out the Antara Framework for launching new blockchains and a full-featured test environment for blockchain development (KMD Labs). They also pioneered a mechanism called Delayed Proof of Work (DPOW) that secures smaller chains with the security of bitcoin. Komodo are in the alpha stages of development for a decentralized exchange built upon atomic swaps.

Hush [HUSH]: Hush recently migrated their codebase from ZEC-forked code, to a codebase derived directly from KMD’s prior work. Hush has created Hushlist, a means for users to communicate using zero-knowledge technology, similar to mailing lists. This can be used by journalists, whistleblowers, or anyone needing to communicate with many others, in a privacy-sensitive way. According to Hush’s lead developer, Duke Leto:

 “Hush was the first Zcash Protocol coin to remove the 1.6GB download requirement prior to syncing, which in addition to it having the smallest on-disk chain size of ~1GB, makes [it] the most bandwidth-efficient fork”.

PirateChain: PirateChain boasts the largest anonymity set of any functioning network, and are currently the only ZEC-derived codebase that takes on privacy from an Opt-Out perspective (i.e. by default — users must opt-out by sharing a viewkey). PirateChain is also a member of the KMD ecosystem.

Several projects from Monero’s ecosystem, that epitomize innovation:

Swap [XWP]: Swap is also derived from Monero and inherits privacy from RingCT and the CryptoNote protocol. Swap’s most innovative contribution is their implementation of a completely different mining algorithm, Cuckaroo29s. Cuckoo cycle (PoW algorithm) is only 42 lines of code in its complete specification. This means that not only is Swap’s code more easily audited by external parties, but its block verification is much faster than those based on the CryptoNightPoW algorithm.

Other Forks: Even Monero developers acknowledge the advantages of smaller, light-weight forks in making innovative changes. Most Monero forks are created by developers from the internal group of XMR’s main contributors. Many of these function as testing beds for prospective features on Monero. Projects in this subgroup include MasariAeon, and Wownero to name only a few.

Blur [Blur]: is a fork from Monero’s codebase. As a result, both chains choose Opt-Out privacy by default. Blur provides a refreshingly different perspective on the issue of specialized mining hardware than the typically-seen “ASIC-resistance” ideal. ASIC-resistance is something that has attracted criticism from entities like Coinbase, recently.

Blur plans to feature a multi-PoW ecosystem, incorporating multiple self-similar proof-of-work blockchains. The idea is to create separate faction-based chains for specialized hardware, that are more advantageously mined by the respective devices. Targeting key differences in chip design, and using independent chains to isolate hardware with incentives, The Blur Network plans to provide an inclusive ecosystem for all mining hardware, in a more logically competitive manner.

Technology

How can modern and emerging technology revolutionise Wealth management and Banking going forward?

Published

on

How can modern and emerging technology revolutionise Wealth management and Banking going forward? 1

By Azamat Sultanov & Firdavs Shakhidi, Co-CEOs of Fortu Wealth

Over the last few years, we have seen much innovation in the financial sector. Challenger banks such as Monzo and Starling have seen rapid growth, with customers being attracted to their open and intuitive systems.

However, we’re yet to see corresponding innovation in the private banking and wealth management sectors. Many firms and asset managers rely on legacy tech that is incapable of providing the modern customer with the sleek, streamlined and hassle-free offering that they seek from their financial services.

Digitisation is key to meeting the needs of the modern consumer, and below you’ll find areas that will benefit most from such a change..

Payments, Transfers & Exchange

Historically, the process of transferring money was slow, complicated and expensive. However, thanks to the likes of TransferWise and other such FinTech unicorns, this is no longer the case..

In-app software now allows for the real time checking of exchange prices, ensuring customers can get the most accurate and cost-efficient rates in the palm of their hand.

Gone are the days of endless form signing as well with Touch ID, DocuSign and voice-authentication greatly increasing the speed in which customers can safely and securely transfer money between accounts, Payees and countries or make payments.

Part of this success comes from the collaborative approach now used by most banks. This has enabled firms to partner with smaller, more agile fintechs, implementing a number of white-label services, and advancing their own offering to appeal to the new modern consumer.

This collaborative-formula will be the key to success and innovation within the financial sector for years to come.

Trading and Investment

Azamat Sultanov

Azamat Sultanov

Digital brokerships, such as eToro, Trading212 and RobinHood have led to a swathe of new retail investors entering the marketplace, and with that banks and firms should be looking to engage with this exciting new customer base.

If GameStop taught us anything, it’s that modern investors want the capability and the security to quickly access the trading floor and invest without the labour-intensive ways of years gone by with brokers, trade forms and endless bureaucracy.

This instant-access to the trade floor does pose risks to retail investors’ capital however and so it’s pivotal that financial service providers make a proactive effort to educate their customers on investing. This also offers a great opportunity for banks to open up positive channels of communication with their clients.

Banks shouldn’t be afraid to become more conversational and friendly with their customers to help solidify engagement. Perhaps by providing a monthly newsletter, banks and firms can cover off a number of key actions, helping to educate the consumer on interesting stocks and share options. By doing this, they can help their retail investors avoid costly investing mistakes.

Through these actions established banks and finance professionals are fulfilling their educational role and utilizing their investing experience to ensure the DIY-Investor is safe and well-informed.

Compliance

The debate over modernising financial service companies compliance models is polarising. On the one hand, established banks and firms will say that what is not broken does not need fixing, however given that the FCA imposed nearly £200m worth of fines to firms in 2020 alone, it would appear that there is definite room for improvement.

Innovative technology offers the ability for financial service companies to automate the process of collating and protecting customer data, and also bypass the risk of human error which can often be a costly and easily-avoided outcome when it comes to compliance.

Automated data processes also offer a multitude of benefits by optimising a bank’s operational efficiency, ensuring regulatory requirements are met, and creating a satisfying customer experience.

In previous decades the financial services industry has been slow to adapt and often it’s been for understandable reasons, the stakes are high and mistakes can result in customers lost and sizable fines.

That said, the benefits of greater digitisation pose too great an opportunity for banks, firms and wealth management companies to upgrade to a more efficient work process and retain & grow more customers.

By utilising the latest technology available to the sector and becoming more open-minded to collaboration with third-party vendors, firms can provide benefit to their customers.

Whether that is streamlining compliance, saving costs and time on payments & transfers or expanding to allow consumers the ability to invest and trade directly from within an ‘all-in-one’ app. The customer now wants efficiency without the sacrifice of security and that is exactly what we should be looking to provide.

Continue Reading

Technology

Dealing with Disruption: Turning to the cloud for tech-enabled compliance, agility, and resiliency

Published

on

Dealing with Disruption: Turning to the cloud for tech-enabled compliance, agility, and resiliency 2

By Jeff Axelrad, Worldwide Financial Services Compliance Lead at Amazon Web Services

COVID-19 has disrupted the normal course of business for financial consumers and institutions, each of whom bears a unique set of concerns and requirements they need to address. Financial consumers are focused on access to capital, where time is critical in determining the viability of businesses and continuing their ability to meet financial commitments. Financial institutions, including consumer and challenger banks, are focused on safety, security, resiliency, scalability, and the continued health of their operations. Financial regulators are focused on economic recovery, making capital accessible to those who need it, and ensuring the stability of national and global financial systems.

These heightened concerns and requirements translate into increased burdens on the financial system from a technology perspective. The pandemic is challenging legacy applications and infrastructure in their ability to support both the immediate shift to primarily digital engagement with consumers and the extraordinary volumes and volatility that are challenging global markets.

While using the cloud to innovate is one thing, is it feasible in a highly regulated industry such as financial services, and in the midst of a pandemic? The short and definitive answer is yes.

Confidence in the cloud

Financial institutions are working to enable secure and agile operations during a time of extensive operational challenges such as bank branch closures, spikes in call-center volume, extreme trading volatility, and shifts to large-scale remote-work environments.

AWS is working with financial institutions and government and regulatory agencies around the world to help tackle the challenges to the global economy that COVID-19 presents. From enabling remote work, maintaining the operational resilience of mission-critical applications, scaling global market systems to process exceptional volumes, we’re supporting our customers such as to keep the people and systems that run the global economy working.

For example, Barclays a 329-year-old bank, answering to five regulators worldwide, must constantly evolve to keep its customers satisfied while also keeping the bar high for the services it provides consumers. When COVID-19 began, Barclays rapidly and securely modernized its contact centers by moving its 25,000 agents to a work-at-home model in just six weeks using the cloud. Barclays is also looking to the cloud to help simplify its multi-channel customer engagement to serve 80% of inbound voice interactions by 2022 while also saving nearly 50% over time.

Tech-enabled Compliance
At AWS, we take security and privacy extremely seriously, and our customers always own their data, and maintain the ability to encrypt it, move it and delete it. We constantly monitor a fluid regulatory environment, working with regulators globally to monitor for upcoming rules and changes to guidelines that have the potential to impact our customers.

We also enable customers to meet their specific vertical security and compliance needs, and constantly look into other certifications that will define the future. AWS regularly achieves third-party validation for thousands of global compliance requirements that we continually monitor to our customers meet security and compliance standards.

Solarisbank AG, Europe’s leading Banking-as-a-Service platform, was the first bank in Germany to fully migrate to the cloud and included all of its core banking systems, digital products, and databases. The migration from the on-premise datacenter to the cloud took one year and was completed in November 2020. The move to the cloud enabled the company to lift technological and regulatory barriers for its business partners by offering financial services to third parties through its German banking licence and application programming interface (API) services. This in turn enabled them to remain compliant while enabling their partners to offer financial services products to consumers quickly and seamlessly. The cloud migration was a key part of Solarisbank’s strategy of building a product and tech platform that ensures the best possible conditions for scale and automation, in order to accommodate the growing customer bases of its partners.

Additionally, newer technologies such as continuous monitoring help institutions to appropriately manage the operational risks within their cloud environment and ensure they have sufficient processes and security measures in place to support encryption, authentication and reporting.

We expect to see more automation in security with infrastructure and application checks that can help enforce security and compliance controls continuously while reducing human configuration errors. These processes allow financial institutions to maintain the confidentiality and integrity that their customers demand, while maintaining timely and accurate reporting required by industry regulators.

Architecting for resilience
We encourage all financial institutions to create a toolkit that monitors their cloud environment from end to end, enabling them to identify and analyse risk events such as unencrypted data or an unsecured third-party service. With global regulations related to data privacy on the horizon, financial institutions must carefully consider how to manage data and security to ensure they are well positioned to remain compliant, while minimising risk and keeping an eye toward innovation.

The application programming interface-driven infrastructure of the cloud enables organisations to automate the development and operation of their application infrastructure. At AWS, we also take active measures to minimise the impact of potential events and maintain our security and resiliency through a variety of ways. For example, we build our cloud infrastructure in diverse geographic regions with multiple availability zones per region. This diffuses the potential for systemic risk in any industry or location.

The Road Ahead

While we work with our customers including Global Payments, HSBC, JP Morgan Chase, Itaú Unibanco, and Standard Chartered to focus on the tasks at hand, we also recognize that the lessons we learn from this extraordinary moment in history will shape the future of our industry. What lies ahead is an agile, powerful, and secure opportunity to use technology to invent and reinvent the way organisations are able to act, preempt disruption, and think about the future of the financial services industry.

Continue Reading

Technology

AI-powered visibility key to mitigating IT systems risk in financial services

Published

on

AI-powered visibility key to mitigating IT systems risk in financial services 3

By Penelope Feros, Vice President, APAC, Cherwell Software

The world of finance changes by the minute. Financial businesses — from banks to insurance agencies and brokerages — are facing a myriad of macro challenges that come along with modernisation.

The rise of fintech and challenger banks make the landscape more competitive than ever, putting pressure on the ingenuity of offers, fees, and net interest margins (NIMs). Today’s mostly online banking means an increased need for cybersecurity and protection against data breaches and costly outages.

Automation is no longer a futuristic option for the workplace, but now, a reality that also impacts the customer experience. Disruptive technologies like AI to address the exponential rise in data and complexity in finserv organisations is primed to grow in significance across IT teams in the region.

According to IDC, financial services spending on AI in Asia Pacific will reach US$4.29 billion in 2024, with Australia making significant traction and advancements in AI spending, alongside key financial hub markets Singapore and Hong Kong.

Rising system vulnerabilities within complex IT environments

Digital transformation has resulted in IT infrastructure complexity growing at an astronomical rate. The resultant increases in infrastructure data and alarms at the service desk far exceed the capacity of any human to meaningfully read, analyse and respond to them. The infrastructure itself is also constantly morphing and changing, yet finance service desks are still expected to resolve requests, incidents, and performance issues in seconds – an impossible task, given the volume of data.

Penelope Feros

Penelope Feros

Financial brands are expected to maintain a pristine reputation while making sure all business-critical applications perform optimally, in order to stay competitive and deliver a better service experience.

Every application is supported by a complex fabric of servers, network devices and services – both physical and virtual – local and in the cloud. The impact of an outage or vulnerability for any one of those components can be extreme. IT teams need to monitor not just every device, but also the dependencies between them. Understanding all of the pieces that make an application available is about more than knowing the up or down status.

With security vulnerabilities putting customer data at risk, having awareness of the priority systems that need to be secured is also vital. As the architectures behind applications become even more complicated with the cloud, virtualisation and shared services, manual documentation of dependencies is no longer a feasible option.

AIOps implementation begins with discovery and analysis

The good news is that the solutions available to automatically discover the organisation’s systems and map dependencies are much more sophisticated today.

Discovery and dependency mapping (DDM) tools enable organisations to see how physical, virtual, and logical compute, network, and storage entities are connected. They can handle the complexity of distributed hybrid environments, giving finserv IT teams the opportunity to visualise and manage the components of their online retail, supply chain, ERP and other critical applications.

The discovery phase involves uncovering all of the compute, network and storage entities across the IT environment and ensuring the organisation’s configuration management database (CMDB) is always kept up to date.

DDM tools depict the interdependencies in a graphical format, so IT teams can readily see the connections between assets, and which services they support – critical to troubleshooting incidents or preventing impact of change.

Once the CMDB is kept up to date with automated discovery and dependency mapping, finserv organisations need to make sense of the data in order to make informed decisions. By applying machine learning algorithms to analyse this data, AIOps can identify patterns, spot anomalies and predict (and prevent) future outages. The resulting insights can trigger intelligent automations to effectively prevent outages, improve performance, and ease the burden of managing increasingly complex infrastructure. By automatically triggering actions based on insights, AIOps can quickly fix issues or prevent them from happening, whether it’s a network link that’s gone down, an over-utilised disk or a service that simply requires a restart.

With automatic discovery and dependency mapping, AIOps allow financial services organisations to, gain visibility over IT environments, rapidly evaluate changing needs, and the means to quickly meet them. Adoption of the right solutions leveraging AI can help IT operations in financial services organisations make sense of the growing volumes of data and get on top of increasing risks of outages.

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Latest Articles

Newsletters with Secrets & Analysis. Subscribe Now