The Light and Shade of Blockchain

Printer-friendly versionPrinter-friendly versionSend by emailSend by email
Monday, February 13th, 2017
박경양 대표

Park Kyung-Yang, President & CVO of UBpay,Harex InfoTech Inc.

Alan Turing once said, “Sometimes it’s the very people no one imagines anything of who do the things that no one can imagine.“

The same can be said for digital or cryptocurrency that makes use of a blockchain.

The banking sector is actively preparing to adoptblockchain technology, which is well known as the core technology of digital currency such as bitcoin. Although there are obvious advantages to blockchain technology, as many experts recognize, it is necessary to think again about whether blockchain related services are secure.

Recently, there have been cases of hacking of GateCoin, Hong Kong bitcoin Exchange, and DAO venture capital company, based on blockchain.

The GateCoin hacking case was that the cryptocurrency theft occurred when hackers gained access to the private key of the exchange’s hot wallets, enabling them to transfer these digital funds to wallet addresses outside of the exchange. The DAO case was that hackers leak digital currency by exploiting the vulnerability that the token, which is supposed to be deleted while converging into the encrypted digital currency, is not actually deleted. 

As we can see from these examples, although financial service based on blockchain is regarded as safe, we should keep in mind that human-made cryptosystems can be circumvented by humans.

According to the latest dissertations, a security flaw manifests itself in a blockchainduring a hash function collision, which is an inherent weaknessof the one-way cryptographic function used in blockchain techniques.Also, in these cases, it is possible to do a bypass attack during the user system stage, even if the blockchain technology is secure.

Beforeblindly adopting blockchain-based financial services, it is necessary to carefully examine which financial services processes are most appropriate in terms of financial security.Currently, most FinTech companies are storing various kinds of financial information for convenience.However, since FinTech security is directly linked to service trust, serious problems arise if there is even the slightest potential vulnerability in financial service security.

Thousands of hackers around the world are continually developing new techniques to penetrate financial security systems, so it is difficult to completely overcome the security limitations of technology, even if aFinTechcompany does more than the current industry standardto avoid the hacking of financial information.

For a more perfect FinTech security environment, a change of thinking is needed.Recently, the method of obtaining financial information by bypassing security devices in IC cards and plastic cards wascovered at the Black Hat conference, the largest conference of hackers around the world.Companies that provide payment via card virtualization, such as that used by Apple Pay,are also continuously involved in hacking prevention activities.

After all, it means that there is a limit to the way the user's financial informationshould be handled by others.Therefore, it is necessary to change to the concept of `User CentricPayment` which enables users who own financial information to conduct financial transactionswith multi–channel security and multi-factor authentication that guarantees E2E security between financial institutions and the user, with no intermediaries.

In the meantime, we have made many investments and developed many technologies to insure financial transaction safety. The introduction of a newer security system gives us psychological security.However, whenever a new hacking attack occurs, we become anxious again.So long as there are hacks, there will inevitably be anxiety.

One of the best ways to prevent hacking is to make sure that even if a hacker successfully compromises a system, there is no sensitive information to steal, and any information that could be vulnerable is useless even if it gets stolen.Creating a User Centricfinancial transaction environment that prevents hackers from even having the slightest motivation to hack the financial transaction system is the most important factor in securing financial stability.

If the market is to grow, it is important to secure consumer trust.It is a prerequisite to strengthen the security encountered during the commercialization process as well as the modernization of the relevant legal system. Government, business, and consumers should cooperate with each other on new technology-related consumer issues in order to create an ecosystem responding in advance.

Comments

hyundai eng