Incorruptible. Industry-changing. Transparent. The ledger of the future. Just some of the terms buzzing around blockchain technology. Occasionally mistaken for a synonym of Bitcoin, blockchain is actually a platform on which Bitcoin and other cyber currencies operate. Think of Bitcoin as one of many software programs, and blockchain as the operating system on which they run.
Developed more than a decade ago, the cryptographic blockchain has only recently begun to gain common use. It’s an open and secure virtual ledger, able to record value transactions and ownership of finances, information, and objects for organizations and individuals. Rather than a central authority verification – such as a credit card clearing house – blockchain verifications result from decentralized peer-to-peer users residing within millions of computers world-wide. The blocks of data are linked in sequence using cryptography, rendering the removal, addition, or other change to data, virtually impossible without alerting flanking block holders in the chain.
With this perceived impenetrability and other benefits, such as traceability of transactions, transparency, accuracy, near real-time transfers, and 24/7 operation, blockchain technology is securing itself as a major contender in the financal services industry's future.
But as with most technological advances and progress in the world, it is not borne without risk. And in the finance industry, that risk can be even greater when that technology is not merely an application, but has potential to assume a core role in infrastructure – such is the case with blockchain and other distributed ledger technologies (DLTs). The potential for disruptions, data theft, computer breaches, and business continuity issues is very real. What then are threats that blockchain bears?
Potential Weak Links in Blockchain
For full implementation and workability, all stakeholders and business systems must assume its employment at the same time as well. And once established, it must run seamlessly within the infrastructure. Without uniform and flawless adoption, service continuity issues can come into play -which could result in loss of customers and reputation.
2. “51% Attack”
Those within the industry express fear of a potential for a conspired majority takeover of the blockchain as there is no centralized governance.
3. Information Security
Though the cryptography thwarts tampering of data, it doesn’t shield account/wallet information. Transactions are not anonymous. Anyone within the chain can view any transaction and the accompanying data.
4. Fraudulent Transactions
Any computer has the potential to be hacked. Cyber criminals could hack computers to perpetrate fraudulent transactions, such as “double-spending” where two transactions are generated, one canceling the other. Other cyber attacks could include: distributed denial of service, hacked key, and weak key generation.
5. Regulatory Requirements
Regulatory requirements are still in development, particularly for cross-border transactions related to data protection and privacy. There may be hidden regulatory risks for certain uses and transactions.
6. Smart Contract Vulnerabilities
Smart contracts are computer codes designed to effect written contracts with a designated set of criteria to execute transactions. Because these smart contracts are human-generated there lies risk of errors that could lead to operational disruptions and malicious actions.
7. Value Transfer Risks
Blockchain algorithms meant to control value transfer could impede access to critical assets or expose such assets and related information to unauthorized recipients.
For instance, consensus protocols are put into place to ensure that past transactions cannot be corrupted. However, they can be susceptible to malfunctions wherein the required protocol is never reached and therefor a value transfer never completed. Also, protocols require that all parties have the ability to view transactions relevant to a given ledger. And even though some information may be restricted form viewing, a certain amount of metadata will always be accessible to the parties. And diligent surveillance of data could reveal sensitive volume and activity information.
Blockchain continues to evolve as businesses continue to finesse its usage. And as both develop and change, so will the risks involved. As with any new technology, financial organizations must stand vigil over transformations and stay abreast of the threats put forth. To safeguard their investments and customers, they need to respond with continual risk assessments as part of a comprehensive business continuity plan.
Written by Angie Longacre
As a writer for Assurance Software, Angie devotes her craft to promoting business continuity and disaster recovery awareness, and trumpeting Assurance Software’s invaluable benefits for both. When she’s not commanding the keyboard, you can find her outside for a run, searching for her next antique treasure, or lost in a good book.