The banking industry is currently rolling out several permissioned blockchain projects.
These are still controlled projects, but so far they demonstrate how powerful a blockchain-enabled banking system could be with respect to gains in effectiveness, security, as well as creating a technical basis for new innovative business models in banking.
Many financial institutions are considering the creation of a global payment system using permissioned blockchain technology. This would allow for the pooling of resources, gaining market standing, but also achieving the critical mass needed for a blockchain network and to enable emergent network effects (e.g., for innovation), by creating many consortiums of banks and technology providers.
In what follows, we will see the different technologies used for using permissioned blockchain technology in the banking context.
Overview of Permissioned Blockchains for the Banking Industry
The Blockchain concept works by creating a unique chain of blocks, with each one being “glued” to the next one by a digital signature system. In the context of the banking industry, this may allow checking the history of a digital value and its associated transaction records.
Blockchains prevent actively counterfeited transactions, fraud, and collusion between rogue actors and allow a better, faster, and more efficient Know-Your-Customer (KYC) process. For instance, such technology may also allow interaction with other blockchains like identity blockchains provided by the public sector.
Here is the main lifecycle of a transaction in a permissioned blockchain system:
- The transaction is ciphered and added to a distributed ledger;
- All the relevant parties with authorization to access the shared ledger check the details of the transaction;
- Checked transactions are concatenated as a permanent, immutable component of the shared ledger;
- The transaction is completed.
Permissioned blockchains inherit security from a public network blockchain. A blockchain is formed block by block. Each block is concatenated to the blockchain after a consensus. The block of transactions is signed by the actors of the transactions and a timestamp is embedded in the block.
- Each past transaction can be verified in the future because the public keys are inserted into the blockchain
- Rewriting a block without modifying the subsequent blocks is impossible
Here is a typical example of such a blockchain:
In a permissioned blockchain, the consensus is achieved via different techniques.
Technically, proof-of-work as in permissionless blockchains is possible but highly unlikely to be implemented. Also, it is not advisable, given the irresponsible consumption of energy and time. The permissioned blockchain concept has other possibilities of consensus, such as:
- Proof of stake
- Delegated proof of stake
- Proof of authority/identity
- Proof of elapsed time
In the banking context, the consensus would generally be achieved via proof of validity and proof of uniqueness. For example, in a Corda banking application, this is achieved by running the smart contract code attached to a transaction, and by checking all the signatures.
Validation of Correctness
Banking sector-based networks like the Corda network tend to use the notary concept to validate the correctness of a block. Notaries are dedicated nodes that are used for multi-signing. All actors are required to digitally sign the transactions. This provides non-repudiation, technical protection, and a high level of legal assertion. In general, security relies on a complex and well-designed PKI in permissioned networks.
A permissioned blockchain builds on authentication and identification, as a prerequisite to earn the permission to enter. To be granted the permissions required to operate over such a blockchain is always linked to entering a login and a password or performing a similar identification. Multi-level conditional authorization can be maintained as well. The identification can be linked directly to the ownership of a private key. With financial and payment sector permissioned blockchain networks, banks are advised to use 2FA authentication and to link user accounts to all the same private keys to reach strong authentication.
In non-permissioned networks, all users have equal rights and authority. However, in permissioned networks, this is often not the case. Therefore, an attacker could attack the network by simply stealing credentials from authorized users of the blockchain and eventually gain control over it and rewrite transactions.
In the banking context, the security related to authorizing the access of the blockchain network must, therefore, be extremely strong. The whole architecture relies on banking-grade PKI. Banks need to provide a bulletproof PKI system to the participants of the permissioned blockchain.
HSM and Key Management – Backbone of Strong Authentication, Compliance, Auditability and Non-Repudiation
To incorporate strong authentication and/or 2FA in a business solution, the secure management of cryptographic keys is critical for the effective use of cryptography. A cryptographic key has a lot of phases in its life cycle starting from the generation, storage, distribution, and destruction. Since the increase in deployment and evolution of cryptographic mechanisms implemented in blockchains and hence decentralized architectures, effective key management is challenging.
Regulating bodies in the financial market mandate the use of certified HSMs and Key Management solutions.
Choosing an HSM and Key Management System, compliance is required with one or several of the following standards (depending on the context of implementation and the area of jurisdiction):
- PCI (PIN Transaction Security) PTS HSM version 3.0
- FIPS 140-2 Level 3+
- Common Criteria (Evaluation Assurance Level) EAL Level 4+
- NIST Special Publication 800-57 “Recommendations for Key Management”
- NIST Special Publication 800-130 "A Framework for Designing Cryptographic Key Management Systems"
- NIST Special Publication 800-152 “A Profile for U.S. Federal Cryptographic Key Management Systems”
If the blockchain uses eIDAS compliant signatures to benefit from its legal assertion and non-repudiation, the HSM and key management system should also be compliant to the
- eIDAS Protection Profile (PP) EN 419 221-5 “Cryptographic Module for Trust Services”
It is highly recommended to use HSMs that have earned globally recognized certifications and implement standard/best practices.
Blockchain technology is very attractive to the banking sector. It promises gains in efficiency and effectiveness, increases in security and profitability, and acts as an accelerator in innovation. Nevertheless, additional security measures must be taken, when compared to a public blockchain system, such as running banking-grade strong authentication infrastructures and making sure the cryptographic operations and the associated private keys are handled in secure HSMs possessing and globally recognized standards / certifications.
References and Further Reading
- Learn more about Utimaco's HSMs for blockchains
- More articles on permissioned blockchains (2018 - today), by Martin Rupp, Priyank Kumar, Ulrich Scholten, Asim Mehmood, Dawn M. Turner and more
- More articles on eIDAS (2018 - today), by Gaurav Sharma, David McNeal and more
- More articles on HSMs (2018 - today) by Terry Anton, Dawn M. Turner and more