How blockchain can protect our personal data from hackers
By Alastair Johnson
The best way to avoid a data breach is to not store any data
The way companies store personal data is broken.
The cybersecurity industry has mushroomed in recent years, but the data breaches just keep coming. Almost every day brings news of a new data breach (http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/), with millions of records compromised -- including payment details, passwords, and other information that makes those customers vulnerable to theft and identity fraud.
It's bad news for the companies too, as not only do they face huge fines (which are only getting tougher), they also suffer serious reputational damage. These are not small, naive businesses; they are major, often global, brands. They spend millions of dollars on security -- and yet still find themselves suffering.
How the blockchain can help
The best way to avoid a data breach is to not store any data. That sounds obvious, but until now it's been virtually impossible.
Merchants need user names, passwords, payment details and other personal details to deliver their services. And they usually need to keep hold of that information -- which means there are or thousands of databases worldwide containing some of your most sensitive personal data.
No one would leave a written list of all their personal details at every physical store they go into -- but online we do it all the time. No wonder the Web's inventor, Tim Berners-Lee, said in March 2017 that "We've lost control of our personal data." (https://webfoundation.org/2017/03/web-turns-28-letter/)
Bring on the blockchain. The advent of decentralized blockchains means we now have the opportunity to store, share and pay in a completely new -- safer -- way, which puts the user back in control. The existing data security model is clearly dead. Blockchain is the fundamental change we need to protect both consumers' information and businesses' reputations.
Securing Personal Data
A combination of biometric security on your device, and the blockchain principles of private keys controlled solely by the user, opens up the opportunity to ditch user names and passwords forever. And with the most popular password still being 123456 (http://www.mirror.co.uk/tech/worst-passwords-2016-revealed-123456-9644740), that's got to be a good thing.
As well as that, add the potential to store identity information on the blockchain where only the user owns and controls it. Blockchain has always been recognized as a great asset storage system, thanks to its zero knowledge storage, encryption, privacy, security and trust, all combined with the immutable ledger that's decentralized.
Many companies have already enabled identity on the blockchain. However, identity alone, unconnected to the everyday services we all use, is limited.
Things get really interesting when you link identity on the blockchain with existing payment methods and services. That creates an 'on-ramp' to future payment systems, which also links neatly to blockchain in the form of cryptocurrency.
Right now, we all hand over control of our personal information so promiscuously, the only real surprise is that the associated privacy problems aren't even bigger than they are.
Blockchain offers the enticing vision of a world where you can transact without having to hand over every part of your transaction details, or remember the name of your mother's favorite childhood pet. The blockchain's potential for zero knowledge proofs also offers a cryptographic way to do things like prove your age without showing your age, or demonstrate your status as a good actor with a record of successful transactions -- without revealing the content of those transactions.
Technology like this could well be used to acquire loans, make high-value payments -- and maybe remove the need for a risk assessment on every single transaction. It could even spell the end of credit monitoring as we know it -- good news, given that recent events have shown how wary we should be about security at some of those companies.
Lastly, once each of us has our information securely stored on a blockchain, we have the opportunity to choose if and when we share it -- in return for actual value. This could be the beginning of a true "internet of value."
Right now, Tim Berners-Lee is right: we have lost control of our data. But we can get that control back. Blockchain is the key.
-Alastair Johnson; 415-439-6400; AskNewswires@dowjones.com
(END) Dow Jones Newswires
01-03-18 1437ETCopyright (c) 2018 Dow Jones & Company, Inc.