The global Internet of Things needs to have great cybersecurity—that’s why leading card provider #Mastercard just acquired financial cybersecurity firm #NuData #Security. An estimated 50 billion IoT devices will be connected by 2020, according to Mastercard, which has already developed smart fridge solutions, and is currently working on smart homes, smart cars, and other wearable devices […]
Bank Innovation
The two most prevalent use cases for the #blockchain in #fintech are trade finance and cross-border transfers—moving money at a quicker pace and more securely, according to research by Coindesk. However, as has also been reported, #security is becoming more of a concern for fintechs and for #consumers, especially as our livesRead More
Bank Innovation
Every tool has been designed to accomplish a certain task or purpose. #Blockchain is not different from other tools and it has a specific functionality. As you will see below, it provides a set of #security properties that are very useful to protect information.
Blockchain is not something new in cryptography.
Blockchain is, in essence, a signed hash chain. This is a combination of data, hashes and signatures composing an interwoven chain. Although Blockchain is a hot topic nowadays, its underlying #technology has been used for years to protect information. The generation of immutable audit logs is a good example of this.
The idea behind Blockchain consists in signing the content of every data record together with the result of a hash function of the previous stored record. In this way, signatures become successively connected by themselves allowing anyone to check their correctness.
From a security point of view, Blockchain provides data integrity, data authenticity, non-repudiation, record immutability, verifiability, and fault-tolerance.
Each of these digital signatures provides data integrity, data authenticity and non-repudiation to its corresponding record: (i) When the data of a record is signed, it cannot be modified once generated without detection (data integrity); (ii) only the issuer of a signature is able to prove that the signature belongs to her (data authenticity); and (iii) the issuer of a signature cannot deny her authorship (non-repudiation).
Meanwhile, the hash included in each signature links such record with the previous one. This hash together with the digital signature offer record immutability. In other words, records cannot be added, modified or deleted without detection. This is because any fraudulent change can be detected by verifying from the last to the first linked signature of the chain. Anyone who possesses the public key of the signatures is able to check it (verifiability). In fact, this is the reason why Blockchain is not anonymous.
In addition, Blockchain provides data redundancy, which consists in storing a copy of every record in several peers. Therefore, if a server fails, the other servers still have the whole data (fault-tolerance).
All these properties make Blockchain a good tool to store information in a secure way. But, as each tool, Blockchain has limited properties and functionalities. It cannot solve as many problems as we would like.
Analyse what security requirements have to be met by your system, and decide then what cryptographic techniques to use.
For this reason, it is important to figure out what functional as well as security requirements have to be accomplished by your system and whether Blockchain is your suitable tool.
Is Blockchain what you need?
Keep in mind that there is not a magic tool able to deal with all your system requirements. On the contrary, an improper use of a security tool could lead to your system a serious security fault.
This week host Brett King is again joined by Chris Skinner, as the two conclude their five-part talk on #blockchain #technology — the rails beneath the anonymous #bitcoin which keeps it secure. King and Skinner will wrap up their blockchain series with a discussion about the importance of digital #identity and digital #security, and the larger roleRead More
Bank Innovation
China’s state #social #security system is reportedly looking to integrate #blockchain #technology as part of a bid to cut costs.
CoinDesk
“How did multisig fail? Why did people lose their money? I thought multisig was secure.” Through the Bitfinex hack it’s become apparent that people don’t really understand #bitcoin’s multisig feature. There seems to be a lot of confusion over what multisig is and isn’t, what it inherently does or does not do. This article aims to clarify some of the most common misconceptions, explain how multisig actually works today, why policy controls aren’t a substitute for organizational #security, and what you can do to protect yourself.
Multisig is a tool. Just like any other tool, it can be used to achieve a number of different results. This tool can be used to distribute and dilute risk of key compromise or loss, for redundancy as a backup, and to create joint-accounts where each party can spend from the same pool, or to separate duties within an organization.
Multisig is not a security plan. It can be a powerful component of a well designed security plan, but it is only ever one component. To simply say “multisig” without exploring the implementation, how it’s being used, and what goals are trying to be achieved, is meaningless. It’s not a security incantation, though it would be so much easier if it was.
In order to understand what it can and cannot do, we need to understand a bit about how it works. Don’t worry if you’re not a techie, this isn’t written for them — it’s written for everyone else. 1
Creating a multisig address. In order to create a multisig address, you simply need more than one public key. Let’s look at an example. Alice, Bob, and Charlie are all organizers of a local bitcoin and open #blockchain meetup. They want to collect funds to support the meetup but don’t want any one of them, alone, to control the funds. They set up a multisignature address, using CoPay software, that allows them to select a 2-of-3 configuration, meaning two of the three of them must authorize the transaction before it will be valid. In this instance the possible signing combinations can be A&B, B&C, A&C.
What’s actually happening behind the scenes? Their software is constructing two things: a script that contains the instructions of how many signatures are required and what public keys correspond to private keys that are authorized to sign (m-of-n), and a hash which is the bitcoin address, starting with the number 3, corresponding to the script. The script is often called the “redeem script” because it contains the requirements to redeem or spend payments from the multisig address. 2
You can think of a redeem script as a set of permanent, unchangeable access controls. These limited access controls are embedded into the bitcoin address itself. Meaning when funds are sent to the corresponding address, the redeem script must be satisfied in order to move funds. The rules are set when the address is created and can never be changed. The rules are, literally, part of the address itself. This one of the most powerful parts of multisig, this is why many believe it is more secure than a traditional single-signer bitcoin address. When multisig is used as part of an overall security plan, it can provide additional protection against embezzlement, mistake, loss, fraud, single point of failure, by requiring multiple parties or multiple devices (multi-factor multi-sig) to approve a transaction.
But notice what it does not do.
Policy controls are not inherently part of multisig today. At this point you may be confused because many wallets provide these types of added services. They’re advertised as additional security measures, as additional controls. What’s not so clear is that these services are implemented by the company’s software and internal policies — not by the bitcoin protocol. That’s important because it means the controls can be bypassed, the limits can be changed. While Bitcoin’s scripting language continues to evolve, and some protocol based policy controls, like lock-time, are available, they haven’t been widely implemented yet.
The take away: today’s policy controls aren’t as secure as they may seem. In fact, they’re only as secure as the system controlling policy changes. Unfortunately, that’s less secure than most people believe.
Sometimes keyholders automate signing, based on policy controls.Many multisignature wallets (but not all) now include automated transaction signing based upon policy controls as a feature of their wallets. In these implementations, the wallet company controls one of the keys used to create a multisignature address. That key, and it’s related signing functions, are controlled by software written by the company — the software is often called an oracle or signing oracle. At the time the address is created, in addition to the public keys, the wallet company collects the user defined policy controls. For example, a user might set a maximum daily limit of $1,000.00 USD withdraw. The address is created and the signing parameters of the signing oracle are set.
The signing process usually looks something like this — the user creates a transaction (say for $500.00 USD), signs it, and sends it to the wallet provider for countersigning. The oracle sees the transaction, checks for policy controls (here the $500 is less than $1000.00), countersigns and broadcasts the transaction to the bitcoin network. Speedy, convenient, efficient. Secure? Maybe. Maybe not. Maybe it seems more secure than it actually is.
Security depends on a lot of factors — not just how many keys are required to sign a transaction. It depends on processes and policies defining the policy controls: Who can change spending limits? Time limits? Notifications? When can they be changed? Is there a cooling-off period after they’re changed when no transactions will be signed? It also depends on the company’s internal security: Who has access to the oracle or signing keys? Where are the backups and who has access to those? Who writes the oracle software and is it open-source? These are just some examples of security concerns that aren’t addressed by multisig. Multisig means more than one key was used to create the address. Nothing more. It is not a euphemism for security. Alone, it’s not enough to keep our funds secure.
Security cannot be outsourced. As an industry, we need to stop confusing outsourcing signing keys with outsourcing security. Simply turning over signing keys and process controls to a third party will not protect you or your customers from theft. We need opt-in security standards, like CCSS, and annual security audits. Most importantly, we need to focus on understanding the risks and accurately explaining them to users.
Finally, always remember: “Not your keys, not your money.”
Footnotes: 1. If you’re reading this article, I assume you understand the basics of bitcoin. Bitcoin is secured by public key cryptography, seehttps://en.wikipedia.org/wiki/Public-key_cryptography. 2. Technically, this feature is called P2SH or pay-to-script-hash, not multisig. However one of the most common implementations of P2SH is to achieve multisig and the term multisig has become widely used to reference this specific P2SH implementation.
Original post: https://medium.com/@pamelawjd/bitcoin-security-is-more-than-multisig-1b55768582f3#.zh74f3cxm
A question that #security providers are prodded to answer is how to safeguard identity while not burdening the end user too heavily with new tasks when they access their accounts online, whether on desktop and mobile. This question, however, is a flawed one since within our reach is a solution that markedly enhances user experience (UX) while providing the best security available.
The marriage of biometrics and cryptography along with advances in mobile #technology has made biometrics a viable, immediately-deployable, and scalable replacement for yesterday’s flawed username and password authentication scheme. The solution is called #biometric tokenization, and our partners are already implementing it to eliminate passwords, lower enterprise risk, introduce IT efficiencies, and preserve user privacy.
What remains when passwords are left behind is a new UX where the user registers his or her biometric signature on-device, and when their banking app prompts them to log in, transact, or otherwise assert their identity he or she simply authenticates using the device’s embedded fingerprint sensors, camera, microphone, or combination thereof. When accessed, a cryptographic challenge-response validates the identity, login, transaction, or communication in under a second.
The biometric data is decentralized across millions of user devices, meaning the financial services institution no longer holds customer data as it currently does with passwords and PIN codes. It also means that the user is in possession of his or her biometrics, and that these encrypted templates are stored offline in trusted zones found on the devices.
Biometric tokenization such as the FIDO UAF standard HYPR supports is integrable with existing security architectures, requiring no overhaul, and HYPR is interoperable with the diverse biometric sensing modalities, biometric sensing vendors, operating systems, devices, and enterprise applications in use and in place. Bank employees using internal applications on desktop are treated to the same UX that their customers using a consumer-facing mobile app are, and a user’s mobile device can communicate over Bluetooth low-energy (BLE) to navigate desktop applications.
The underlying security that decentralizes and encrypts biometrics also delivers the best UX Internet users have ever known. Biometric tokenization eliminates passwords—it doesn’t corral passwords into a single sign-on, and it doesn’t cause the actioning of an on-device biometric to unlock the phone or paste in passwords. This is true password elimination for the best UX plus top security—no workarounds or corner-cutting.
Enterprises like #banks and their customers can finally “forget about forgetting” when it comes to the credentials they once used to access accounts, and when a device is lost the biometric template, lacking its owner, is rendered useless. Public keys on the enterprise side are also revocable, adding another layer of confidence to the enterprise and user.
Biometrics has brought us such a long way in security innovation because of the security in its own right. What’s not widely known is that there is a usability revolution in the making as a byproduct of the hard work companies like HYPR are doing to finally make online banking safe.
[linkedinbadge URL=”https://www.linkedin.com/in/george-avetisov-b555a6a6″ connections=”off” mode=”icon” liname=”George Avetisov”] is CEO is Co-Founder & CEO at HYPR
[linkedinbadge URL=”https://www.linkedin.com/in/per-lind-5b894″ connections=”off” mode=”icon” liname=”Per Lind”] is Partner at HYPR Asia Pacific.
How #Chinese #spies hacked into computers at the Federal Deposit Insurance Corporation from 2010 until 2013 — and American government officials tried to cover it up.
Bank Innovation
In a new interview, members of the US #Department of #Homeland #Security discuss their increasing interest in #blockchain tech.
fintech techcrunch
#Facebook Messenger is increasing its #security in a bid to be your primary messaging app — and maybe your primary banking app, too. A limited number of Facebook Messenger’s more than 900 million users gained access to two new security features today: end-to-end encryption, meaning only the sender and recipient can viewRead More
Bank Innovation
Reply