This piece is part of a collaboration with MLG Blockchain Consulting, a leading global blockchain development and consulting firm headquartered in Toronto, Canada, with a distributed team across North America, Europe and Asia that is focused on building next-generation applications using blockchain and smart contract technology.
If you have a credit card or an account with a major retailer or technology company, chances are high that you have been impacted by a data breach. Since the turn of the century, data breaches have become more frequent and larger in impact. The stolen data spans the gamut from personal dating records, to customer purchase history, to credit and debit card information. Six of the nine highest profile data breaches over the last decade have involved compromised financial records. This is most typically credit card information and retail purchase histories that inform lending decisions.
This is unsurprising, as the reward to hackers for accessing financial records is the opportunity to gain more money, typically through tapping into the borrowing capacity of the individuals whose records have been stolen. The largest scale data breaches routinely compromise the records of tens of millions of households and businesses. While our financial system remains vulnerable to further breaches, an effective approach to reducing risk is by migrating the financial ecosystem to distributed credit chains, such as the one being developed by the FinTech company DCC.
What Is A Distributed Credit Chain?
Distributed credit chain (DCC) is a financial services innovation that will be the world’s first decentralized banking system. Borrowers and lenders will be able to create blockchain profiles in the DCC ecosystem allowing them to enter into credit transactions. DCC will revolutionize the credit system by providing decentralized, safer, lower cost and transparent access to credit and management of rating information. Because the system eliminates the need for individual companies to store large amounts of client data, it reduces the payoff to hackers of data breaches. Further, the risk of cyberattacks is greatly limited because of the architecture of the system that eliminates many of the points of vulnerability in today’s financial system.
Where Are The Points Of Vulnerability In Data Systems Today?
Most breaches occur today because hackers are able to exploit vulnerabilities in information databases. In particular, they compromise systems at the point of information transfer from one player to another during a transaction. For example, a leading payment processing platform, Heartland Payment Systems, was the victim of a 2008 data breach when spyware was installed on its servers. The company provides credit and debt processing services for the major card companies including Visa and Mastercard, and 134 million credit cards were exposed as a result of the malware attack. The custom built malware was similarly to blame for the 2014 breach of Home Depot’s systems, this resulted in the theft of 56 million customer credit card records.
Another preferred entry point for hackers is to access a company’s servers. In 2014, hackers breached the networks at JP Morgan Chase, the largest bank in the United States. Over a period of weeks, they had access to more than 90 of the bank’s servers which housed records on 76 million household accounts and 7 million small business accounts. While the bank reported that no money was stolen or unauthorized transactions recorded, the hackers successfully gained full access rights on the accounts. The perpetrators allegedly wanted to use their access for money laundering purposes.
Sometimes, a systematic coding error within the company presents an entry point for malicious players. This was the case with Adobe, whose records were compromised in 2013 resulting in hackers gaining access to encrypted information on 38 million Adobe customers. Subsequent investigations revealed that the company’s source code actually included the credit card numbers of specific customers. Thus, while this information was encrypted elsewhere, the very code designed to transmit data during a transaction revealed that sensitive information.
How A Decentralized Credit Chain Minimizes The Risk Of Data Breaches
DCC is building what at scale will be the largest credit provision and facilitation ecosystem. The company’s system is built on an open platform with Artificial Intelligence (AI) risk control. This means that the antifraud and data protection mechanisms are powered by algorithms and machine learning eliminating the need for financial institutions to store data. This means that individual companies will not have to maintain large information databases or store customer data on their servers. In this way, DCC closes a point of vulnerability that has been exploited by hackers.
It is clear that most of the high-profile breaches in the last decade involve compromised credit card information. DCC’s platform will enable multiple financial institutions to extend credit to individuals and companies via blockchain credit cards. The amount loaned is maintained on the chain, and various lenders can enable transactions without exchanging information. This greatly reduces the risk of large-scale credit card information fraud, and when it does happen, it limits the usefulness of a single credit card number. In particular, the data breach such as the one that occurred at Adobe in 2013 is less likely because there will be no transfer of data during a transaction.
Decentralized credit chains will reduce the risk of data breaches by closing the top vulnerabilities in computer systems and eliminating the need for most credit providers to maintain large information databases on their servers. If adopted on a wide scale, this will make our financial system safer and more transparent for all players.
Author: Wadzi Katsidzira, MLG Contributor
Wadzi Katsidzira is an MLG contributor, writing educational content on the blockchain industry. Opinions expressed are entirely my own and in no way an endorsement of the companies or products referenced.
Disclaimer: CryptoCanucks.com is not intended to provide tax, legal or investment advice, and nothing on CryptoCanucks.com should be construed as an offer to sell, a solicitation of an offer to buy, or a recommendation for any asset by CryptoCanucks.com or any third party. You alone are solely responsible for determining whether any investment, asset or strategy, or any other product or service, is appropriate or suitable for you based on your investment objectives and personal and financial situation. You should consult an attorney or tax professional regarding your specific legal or tax situation.