Need for ethical data sharing standards …

Currently there is an intense discussion about personal data and ownership. Although the common assumption is that exposing data is inherently dangerous, the opposite may be true as well. The key question is more about access control: managing data exposure in order to avoid risks while still getting the benefits. Or maybe it is more about establishing broad ethical standards, as data availability is neither good nor bad on its own – the way it is used makes the difference.

Let’s look at some use cases which illustrate the challenge. Let’s assume you feel an unusual pressure in your chest and decide to visit a doctor. He does an electrocardiogram (ECG) which looks normal. What does this mean? It may be normal in relation to a statistical sample but very unusual for you. The doctor does not have the necessary data to determine this.

Let’s assume now that you have a wearable which collects data on key body functions on an ongoing basis. Many others do this as well, and the gathered data can be analysed, leading to algorithms which can detect anomalies, like an indication of an increased risk of a heart attack, on a personal level. Your data is now used in two ways – to build up the algorithm and to detect health issues for you. Please note that just gathering some data when you feel bad does not have the same effect. The power comes from the availability of longer-term data.

Let’s now assume that the new way to identify potential heart attacks reduces the perspective costs substantially. Especially in the long-term, trends and indicators can be used to influence the behavior e.g. towards more physical activity.

The data gathered could also be used to derive further information which could be used for unethical purposes.

You might say that it is always possible to switch data gathering on and off – but depending on the type of data, such ‘white spots’ may ultimately be problematic and will not help to better protect privacy. If gathering data is the norm, then switching it off could easily be seen as an indicator that somebody is trying to hide something, and may actually attract attention.

Such data could be pseudonymized – but it needs to have some sort of tag to allow the correlations that power the analytics, or it may even be identifying in itself, like the ECG, which is also being used for authentication.

There are many such examples – if you share your GPS position, somebody may take advantage of the fact that you are far away from home, or use the data to rescue you after an accident.

I think that collecting data will be the norm. Protecting data will be key – but even more important is the need to establish ethical standards on how to deal with such data and information derived from it.

Information dissemination ethics

Digital technology encourages the dissemination of knowledge and know-how. Its ability to influence socio-economic structures also means it confers power and a competitive edge on those who design its applications over those who merely use them. Ethics, a form of critical thinking on the social structures and traditions shaping the lives of societies, aims at questioning moral biases and opening new choices. Digital libraries belong to an emerging digital culture. New questions concerning production, collection, classification, and dissemination of knowledge arise. How is the integrity, validity, and sustainability of these digital collections guaranteed?
 
Information technology is now ubiquitous (Ubiquitous Computing) in the lives of people across the globe. These technologies take many forms such as personal computers, smart phones, the internet, web and mobile phone applications, digital assistants, and cloud computing. In fact the list is growing constantly and new forms of these technologies are working their way into every aspect of daily life. Have we allowed the digital medium to grow chaotically and carelessly, lowering our guard against the deterioration and pollution of our infosphere? Is it due to the desire for, and reflection of, only what we wanted – entertainment, cheaper goods, free news and gossip – and not the deeper understanding, dialogue or education that would have served us better?
 
With prior mediums of disseminating information (e.g. newspapers, physical mediums) there was a concern with maintaining standards, adherence to accuracy and an informed public debate. We now have the same problem with online misinformation. These kinds of digital, ethical problems represent a defining challenge of the 21st century. They include breaches of privacy, of security and safety, of ownership and intellectual property rights, of trust, of fundamental human rights, as well as the possibility of exploitation, discrimination, inequality, manipulation, propaganda, populism, racism, violence and hate speech. A lack of proactive ethics foresight thwarts decision-making, undermines management practices and damages strategies for digital innovation. The near instantaneous spread of digital information means that some of the costs of misinformation may be hard to reverse, especially when confidence and trust are undermined (Emotional Trust in an Hyperconnected world).
 
How do we establish trust through credibility, transparency and accountability – and a high degree of patience, coordination and determination? Will this be fulfilled with an ethical infosphere to save the world and ourselves from ourselves?
 
 

The challenge of (financial) mobility of the future

I had the great pleasure to join the “Impulse Apero” on Feb 6th organized by Kellerhals Carrard and Implement Consulting Group featuring the head of the SBB’s board of directors Monika Ribar. Monika walked the audience in her inspiring presentation through the challenges and opportunities of mobility of the future.
  • Transparency is the new currency – people value transparency. It’s about enabling people to reach their goals independent of the provider and about being informed in good and in bad times.
  • Openness is the new norm – we are living in a network economy. Openness is the key to unleash the combined potential of all services in the network. Closed and monolithic systems are relics of the past.
  • Holistic services – users want to have an end-to-end service and a broad overview. There is just the choice of providing it or letting somebody else do it.
  • Simplicity – the different pricing schemes used by the various service providers are hard to understand for the consumer. But all this complexity can be hidden using smart technology – either by offering a flat rate scheme which enables general usage or by simply billing the actual consumption with the optimal price for the consumer.
These points are very true for a mobility provider and also for financial services and other industries, as they relate to big shifts in society. There is one huge difference – the SBB has a huge logistic challenge with a lot of infrastructure which is required to realize the desired degree of mobility. Financial services companies in essence just deal with information and have a simpler problem to solve.
I also would like to highlight a few other aspects which I found very interesting:
  • Empowerment – the people who are in contact with the users must be empowered to solve problems in creative ways. They see the problems and they can directly engage and solve them with their creativity. The SBB has allocated a discretionary budget for the ‘railway companions’ – these are the people in the train who make sure that the travelers have a smooth journey. This empowerment of employees at the point where the company engages with the clients is just cool.
  • Team – the rail clean organization is now a part of SBB again and wears the SBB logo. In more and more automated railway stations they are often the only people. Now they wear an SBB logo again and can help support travelers in case of problems. This is a win-win situation, as the job has become more interesting and clients have a further human touchpoint with the brand.
  • Development – all roles are changing due to the evolution of the environment and the technology. It is of strategic importance to think about the roles and their evolution paths. SBB grows and moves together with its employees into the future of mobility.
  • Data – SBB as a provider collects a lot of data about its users. Monika stressed that the data belongs to the client and not SBB. So the client decides when and how this information is used.
Again four aspects which can be translated very well into financial services. The empowerment of the staff is key, every employee is a part of the brand management and client data belongs to the client and not the service providers.

NIST Blockchain Technology Overview

The National Institute of Standards and Technology (NIST) has published a draft report on blockchain. This report is an excellent summary and overview of the technology, its key characteristics and use cases.

“Blockchains are immutable digital ledger systems implemented in a distributed fashion (i.e., without a central repository) and usually without a central authority. At their most basic level, they enable a community of users to record transactions in a ledger that is public to that community, such that no transaction can be changed once published.”

This has the following implications on organizations:

“However, on a blockchain, it is much more difficult to change data or update the ‘database’ software. Organizations need to understand the extreme difficulty in changing anything that is already on the blockchain, and that changes to the blockchain software may cause forking of the blockchain. Another critical aspect of blockchain technology is how the participants agree that a transaction is valid. This is called “reaching consensus”, and there are many models for doing so, each with positives and negatives for a specific business case.”

Indeed – this highlights a few foundational aspects – blockchain realizes high data integrity and immutability based on a certain level of transparency required to reach a consensus on the validity of transactions. The report outlines the most important consensus algorithms – each with its drawbacks and advantages.

  • “In the proof of work model, a user gets the right to publish the next block by solving a computationally intensive puzzle.”
  • “The proof of stake model is based on the idea that the more stake a user has in the system, the more likely it will want the system to succeed, and the less likely it will want to subvert it.”
  • “In some blockchain systems there does exist some level of trust between mining nodes. In this case, there is no need for a complicated consensus mechanisms to determine which participant adds the next block to the chain.”

The report also explores the most important types of blockchains:

  • If anyone can read and write to a blockchain, it is permissionless.
  • If only particular users can read and write to it, it is permissioned.

The permissioned blockchains are similar to an intranet only visible to the nodes on this network while a permissionless blockchain mimics the characteristics of the Internet.

“The use of blockchain technology is not a silver bullet, and there are issues that must be considered such as how to deal with malicious users, how controls are applied, and the limitations of any blockchain implementation. That said, blockchain technology is an important concept that will be a basis for many new solutions.”

The technology is indeed no silver bullet, but it has huge potential for all applications which require a shared agreement and a high level of security.

“Blockchain technologies have the power to disrupt many industries. To avoid missed opportunities and undesirable surprises, organizations should start investigating whether or not a blockchain can help them.”

NIST asks for comments and feedback until February 23, 2018.

 

Self Sovereign Identity – Approaches

We think that Self Sovereign Digital Identity is one of the key elements in the shift towards a distributed decentralized financial system (see also FINthinker’s Predictions for 2018). Below are examples of organizations which engage on this topic each with a different approach:

There are more … comments with links welcome.

Self Sovereign Digital Identity

Before we explain what is self sovereign digital identity, let us first define identity, then elaborate on digital identity which inherently leads to the final form of digital identity management where each user controls their own digital identity.

  • Identity is a uniquely human concept. It is that ineffable “I” of self-consciousness.
  • We all have a Social identity – the qualities, beliefs, personality, looks and/or expressions that make us a person

But how do we prove our identity when interacting with others? Let’s look at an example:

You interact with a person who claims to be John Smith and wants to do some transactions with you. John gives you his passport (or in some countries his driver’s license) as a proof of his identity claim. You attest John’s claim by looking at the passport, determining whether it is authentic and then comparing attributes captured in the passport with the person in front of you.

This process includes the following concepts:

  • claim – a claim that an actor would like to consider true
  • proof(s) – evidence that something is true, often based on a trusted certificate
  • attestation – verification by an independent party that a claim is true

You may now create a record in your system with a customer identifier, a copy of the passport and additional attributes such as address and date of birth, further verified either through utility bills or other formalized evidence. This record is a digital identity; it represents relevant aspects of the social identity and is now the basis for your business interactions with John.

This may all sound simple and rather straight forward, but

  • Attestation is typically a manual process where unstructured data is captured and verified against the available proofs which must be collected and stored
  • Only a subset of the captured information is constant. The captured attributes may get out of sync with reality
  • The presented proofs may be faked, and the quality of the attestation depends on your skills to identify such issues
  • Wherever John wants to have additional interactions, a similar process is required leading to the creation and attestation of another digital identity
  • Whenever information changes, John must provide updates to all relevant parties
  • John has no control what happens with his data and who is accessing it

Juridical persons and things can also have a digital identity – however in this post, we will continue to only focus on natural persons and look at ways such digital identities can be managed.

Identities

Digital Identity Management started with centrally managed approaches. In such an approach, the authority that manages the digital identity data becomes the guardian and qualifies the digital identities. As networks evolved, federated approaches were adopted where multiple authorities jointly manage digital identities. User-centric identity is expanding, where a user has more control over his digital identity and decides whether to share an identity from one service to another. Such sharing capability is based on standards like OpenID (2005), OpenID 2.0 (2006), OpenID Connect (2014), OAuth (2010), and FIDO (2013). It’s important to note that all these approaches are centralised, but the user has more influence as to how the information is shared.

The concept behind self-sovereign digital identity is to give the user full control over his/her digital identity. It is a distributed identity management approach where a person creates a unique identifier for their digital identity, places claims and asks others in the network to perform attestation. Claims and attestations can be secured using cryptography with the public and private keys of the involved parties.

  • An actor can encrypt a claim with his private key
  • The actor can use the public key of the attestation authority to keep attestation private
  • The attestation authority can decrypt the message with its private key and the user’s public key
  • The attestation authority can verify the presented proof and sign it using its own private key
  • The attestation is then sent securely back to the user

The user now has an attribute with a digitally secured attestation and with proof of a verified authority claim(s). Over time a network of users builds up, where identities are maintained and trusted through attestation of proofs given by others in the network. Attestation authorities can be official authorities, organizations and other users. The quality of an identity in such a system depends on the quality of the involved authorities. Ideally this approach will introduce a single user-managed digital identity which can be used in the network when required and becomes the core of the genuine digital self (please see Be your digital self).

Christopher Allen has defined ten principles to ensure the user control that’s at the heart of self-sovereign identity:

  1. Existence – users must have an independent existence
  2. Control – users must control their identities
  3. Access – users must have access to their own data
  4. Transparency – systems and algorithms must be transparent
  5. Persistence – identities must be long-lived, ideally last forever
  6. Portability – information and services about identity must be transportable
  7. Interoperability – identities should be as widely usable as possible
  8. Consent – users must agree to the use of their identity
  9. Minimalization – disclosure of claims must be minimized
  10. Protection – the rights of users must be protected

It is important that the private keys are well protected, as they grant full control of the digital identity.

So far, this post discusses the creation of a digital identity. In a future post we will look at how we bridge between the real and the digital world. How can a system verify the user is who they claim to be?
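The claim, proof and attestation roles described in this post can be traced in code. This is an added example, not code from this blog or from any identity project: it covers only the signing and verification steps (not the encryption towards the authority), and it swaps in Lamport one-time signatures so that it runs on the Python standard library alone, where a real system would use a standard signature scheme. The identifier format, field names and the `proofs` registry are hypothetical.

```python
import hashlib
import json
import secrets

def H(data):
    return hashlib.sha256(data).digest()

def keygen():
    """Lamport one-time key pair: 256 secret pairs; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def digest_bits(message):
    d = int.from_bytes(H(message), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, message):
    # Reveal one secret per digest bit; a key pair must sign only ONE message.
    return [sk[i][b] for i, b in enumerate(digest_bits(message))]

def verify(pk, message, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, digest_bits(message))))

def encode(obj):
    return json.dumps(obj, sort_keys=True).encode()

def identifier(pk):
    """Self-created identifier derived from the public key (hypothetical format)."""
    return "id-" + H(b"".join(h for pair in pk for h in pair)).hex()[:32]

def make_claim(user_sk, user_pk, attribute, value):
    claim = {"subject": identifier(user_pk), "attribute": attribute, "value": value}
    return {"claim": claim, "signature": sign(user_sk, encode(claim))}

def attest(auth_sk, auth_pk, signed_claim, user_pk, proofs):
    """Authority: check the holder's signature and the proof, then sign the claim hash."""
    claim = signed_claim["claim"]
    if claim["subject"] != identifier(user_pk):
        return None
    if not verify(user_pk, encode(claim), signed_claim["signature"]):
        return None
    if proofs.get(claim["subject"], {}).get(claim["attribute"]) != claim["value"]:
        return None  # the presented proof does not support the claim
    statement = {"claim_hash": H(encode(claim)).hex(),
                 "attested_by": identifier(auth_pk)}
    return {"statement": statement, "signature": sign(auth_sk, encode(statement))}

def accepts(claim, attestation, trusted):
    """Relying party: accept only if a trusted authority signed exactly this claim."""
    if attestation is None:
        return False
    st = attestation["statement"]
    auth_pk = trusted.get(st["attested_by"])
    return (auth_pk is not None and st["claim_hash"] == H(encode(claim)).hex()
            and verify(auth_pk, encode(st), attestation["signature"]))

def demo():
    john_sk, john_pk = keygen()
    auth_sk, auth_pk = keygen()
    # Constructed stand-in for the passport check performed by the authority.
    proofs = {identifier(john_pk): {"date_of_birth": "1980-01-01"}}
    trusted = {identifier(auth_pk): auth_pk}
    signed = make_claim(john_sk, john_pk, "date_of_birth", "1980-01-01")
    att = attest(auth_sk, auth_pk, signed, john_pk, proofs)
    altered = dict(signed["claim"], value="1990-01-01")
    return {"genuine": accepts(signed["claim"], att, trusted),
            "altered": accepts(altered, att, trusted),
            "unknown_authority": accepts(signed["claim"], att, {})}

if __name__ == "__main__":
    print(demo())
```

The relying party never contacts the authority: it needs only the claim, the attestation and the public keys of the authorities it has chosen to trust, which is the dependency on "the quality of the involved authorities" noted above.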

Conclusion

As the world becomes hyperconnected (please see “No ‘OFF’ Switch“), digital identity and security will continuously gain importance. As there will be, in the foreseeable future, no worldwide authority to manage digital identities, the world will converge towards a self-sovereign identity system where users own their data and various actors perform attestation in a mutual way. The system, in its nature, follows paradigms of earlier times where trust was the result of a social network. The introduction of Digital changes the proximity requirements allowing applicability of such system on a global scale.


Be your digital self …

We all have at least one digital self, something representing us to engage in the technological world. Initially this may just be information about us and related data. But at some point in time, this digital footprint will learn and adopt our behaviors and become active.
We may have multiple digital selves – genuine and facades. The genuine self is the one which learns directly from our behaviors and mirrors our social identity. The facades are tailored for specific situations or may try to protect the genuine self.
The genuine digital self will become a mirror of you – most likely knowing more about you than you do yourself.
Is the genuine digital self a legal subject or just acting on our behalf? Our genuine digital self will be able to act much faster, considering more information than we can – if allowed. We must consider the level of responsibility and accountability our physical self has for what it does. Should this begin as a form of parent-child relation and evolve into a legal subject over time? This evolving relationship enables the digital citizen to grow and learn over time, to become of full legal age at some point.
Ethical standards for digital selves will become increasingly important – humans have basic ethical patterns which are inherited and part of the DNA. Before digital selves become widely adopted and increasingly active, they will require such standards.
We will, as part of the evolution, need to revisit our standards of privacy. Are we able to pause our digital self, and what would be the impact and disruption to our digital ecosystem? Digital self-editing may sound funny but may soon become a serious issue when others detect discrepancies, leading to distrust. Observed digital selves – you observed by others – can be used to validate information or complement it. So, you need to become more yourself – which for most people is not a big issue.
We need to evolve our perspective of what we treat and define as sensitive information during this journey. Fundamental attributes such as name, birth date or social security number will be increasingly hard to protect. So, we will need to change the way we see personal information during this journey. Many legacy constructs like credit card numbers are not suitable for the digital age and must be replaced – this is the essence of the ‘digital transformation’.
Obviously, the digital self needs to be well secured and protected. This includes integrity, availability and confidentiality. Initially you will be responsible to keep your true digital self secure. But at some point, this will change and your digital self starts to protect you – two evolutionary states of digital self defense.

November on FINthinkers

November 2017 was the first month for the FINthinkers blog. Below is a short summary of what we covered so far.
Change
Our blog started with Change is inevitable, looking at diverse types of change ranging from evolution to revolution. We also touched on Conway’s Law, which states that organizations designing systems are constrained to produce designs which are copies of the communication structures of these organizations. Following Conway’s Law, companies need to change the organization to create the systems required to stay relevant in the new normal. In Next stop – FinTechGiants ? we look at the available dimensions to outperform others and at the relevant structures which each company has. Many companies seem to apply a Tur Tur strategy to change: looking giant from far away but very small if one gets close.
Client Experience and Brand
Noisy Channel(s) to Channel-less highlights the need to think from the client’s perspective. No client talks about channels, but we all like to have a seamless and ubiquitous experience to reach the desired outcomes. So a brand’s digital behaviour becomes vital when services are transparent in a digitally augmented world.
Security
Homomorphic Encryption started a series of posts on security and related topics.
We hope that the posts inspired you to think about the topics. The next posts will follow soon … thanks for reading.

 

Homomorphic Encryption


Background

What is Homomorphic encryption? The ability to perform data exchange and transformations exclusively with encrypted data, only decrypting it when an authorised person needs to see a result. It is a method of performing calculations on encrypted data without decrypting them first. It converts data into encrypted text that can be analysed and worked with as if it were still in its original form. It enables complex operations/processing to be performed on encrypted data without compromising the encryption.

Storing datasets in fully homomorphic repositories removes all chances for unplanned disclosures. Only those entities with a private key can query the database, run analytics on the data and see results. This offers a secure way to make use of distributed ledger technology on an as-is basis. With homomorphic encryption techniques used to store data such as smart contracts, positions and transactions on the blockchain, there won’t be any significant changes in the properties of the public distributed ledger (e.g. blockchain), while the associated privacy concerns are taken care of.
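Computing on encrypted data can be shown concretely with the Paillier cryptosystem. This is an added example, not code from this blog: Paillier is only additively homomorphic (sums and multiplication by a known constant), not fully homomorphic, and the two Mersenne primes, the function names and the sample amounts are constructed for the demonstration and far too small for real use.

```python
import math
import secrets

# Constructed demo primes (2^61 - 1 and 2^89 - 1); real keys use far larger ones.
P = 2**61 - 1
Q = 2**89 - 1

def keygen(p=P, q=Q):
    n = p * q
    if math.gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("unsuitable primes for Paillier")
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # valid because the generator is fixed to g = n + 1
    return {"n": n}, {"n": n, "lam": lam, "mu": mu}

def encrypt(pub, m):
    n = pub["n"]
    n2 = n * n
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    while True:  # fresh randomness makes equal plaintexts encrypt differently
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return ((1 + m * n) % n2) * pow(r, n, n2) % n2

def decrypt(priv, c):
    n = priv["n"]
    x = pow(c, priv["lam"], n * n)
    return ((x - 1) // n) * priv["mu"] % n

def add_encrypted(pub, c1, c2):
    """Multiplying ciphertexts adds the hidden plaintexts (mod n)."""
    return c1 * c2 % (pub["n"] ** 2)

def scale_encrypted(pub, c, k):
    """Raising a ciphertext to k multiplies the hidden plaintext by k (mod n)."""
    return pow(c, k, pub["n"] ** 2)

def encrypted_total(pub, ciphertexts):
    """What an untrusted aggregator can do with the public key only."""
    total = encrypt(pub, 0)
    for c in ciphertexts:
        total = add_encrypted(pub, total, c)
    return total

def demo():
    pub, priv = keygen()
    amounts = [1250, 9900, 455]  # constructed transaction amounts, in cents
    stored = [encrypt(pub, a) for a in amounts]  # what the ledger would hold
    total_ct = encrypted_total(pub, stored)      # computed without the private key
    return decrypt(priv, total_ct), decrypt(priv, scale_encrypted(pub, stored[2], 3))

if __name__ == "__main__":
    print(demo())
```

Only the holder of `priv` learns the total; the aggregator sees ciphertexts throughout, but anyone with the public key can also alter a ciphertext in a meaningful way, so integrity needs a separate mechanism such as signatures.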

Usage

The use of homomorphic encryption will not only offer privacy protection, but also ready access to encrypted data on a public blockchain for auditing and other purposes (e.g. add-on services). Use cases can be C2C, B2B, B2C or C2B, from 3rd party services such as ride-sharing, digital marketplaces, search services, or medical services.

Take the example of an electronic payment protocol* between a customer and a merchant (or an entity with no established trust). The current situation requires that a trusted (signed) payment description be sent from the merchant to the customer. Using homomorphic encryption, this is no longer required, and the destination “account” number for the payment is solely created on the customer side. It eliminates the need for any encrypted or authenticated communication in the protocol and is secure even if the merchant’s digital infrastructure is compromised. The payment transaction in itself serves as a time-stamped receipt for the customer.

Real-life applications are not limited to providers but extend to consumers as well (e.g. financial institutions, research organisations, education, data miners): any person or entity who wants to be able to share data without compromising data security, regardless of environmental or other differences in context.

Homomorphic encryption will increasingly make co-operation/collaboration between multiple parties in the digital ecosystem possible, especially when limited or no trust is established, as it protects the data against unauthorised access and preserves full privacy.

Related material:
* Homomorphic payment addresses and the pay-to-contract protocol
* A Survey on Homomorphic Encryption Schemes: Theory and Implementation
* How to make Fully Homomorphic Encryption “practical and usable”