B2B Payments

Chain, Thales Link To Instill Confidence In Blockchain Security


Fueling the blockchain hype for FinTech and the financial services space is its promise of security. But like any new technology, it could always be made more secure — and regardless of its security, users won’t be entirely confident in the innovation until the tool becomes more widespread.

Taking steps in these directions are cybersecurity company Thales and blockchain firm Chain, which are announcing today (March 29) an integration to boost the security of solutions using Chain’s blockchain infrastructure.

“The truth is,” said Ryan Smith, chief technology officer at Chain, in a recent interview with PYMNTS, “this is the very early days of blockchain technology. And there are certainly endless announcements of press releases you can read and hype you can subscribe to, but there are very few production use cases in the world today.”

That means, regardless of how secure blockchain actually is, markets like the financial services space aren’t necessarily going to buy into it automatically.

“It’s hard to really point at blockchain and say, ‘This is really secure. It’s worked for many years, and it has a great reputation,’” Smith continued. “That doesn’t exist yet.”

When it comes to getting blockchain out of testing phase and into the real world, proving that security will be paramount, he said. There are a few ways to do that, and collaborating with Thales means a two-prong approach: boosting the security of blockchain and doing so using technology with which the financial services space is already familiar.

Peter Galvin, vice president of strategy and marketing at Thales, told PYMNTS that the company’s hardware security module, which Chain is integrating into its solution to generate one-time cryptographic keys, is a technology in which banks and other FinServ players are well versed.

“HSMs [hardware security modules] are the backbone of those environments,” he said, “so it’s been a natural progression.”

Explaining how these modules work can be quite technical. Each transaction initiated via blockchain requires a set of cryptographic keys, and generating those one-time keys must be as secure as the transaction itself. According to Galvin, often these keys are protected in software, but a hardware security module like Thales’ can offer a greater level of protection.

“Like with any new technology,” he continued, “security is one of the things they are concerned about. Using a tried-and-true type of technology like HSM, where many companies, including people who run payment processing like Mastercard and Visa, they use HSM in their environments. They’re used to that technology, and they understand the level of security that that technology provides them.”

Using HSMs in a blockchain environment, Galvin said, means banks can be more confident in the security of that technology.

Adding in a dose of technology with which these companies are familiar can help blockchain come out of proof-of-concept phase and into real-world use cases. But security, of course, is only one part of the process. According to Smith, promoting adoption of blockchain will be a process.

“I think this is generally true of any new technology outside of financial services, as a broad concept: New technology is much easier to apply to a brand new product or market or idea than it is to go back and try to replace the systems that are already working and in production today,” he said. “It’s a lot less risk, and you like to have a slow, gradual rollout.”

With this in mind, a collaborative approach to exploring not only how to develop blockchain-based tools, but where to apply those new solutions, has been critical.

For Galvin, the adoption curve of blockchain could look like this: First, a slew of applications get developed. Then organizations will begin deciding which of those applications really fits best for their operations. And this slow roll, he said, will drive even more adoption and innovation, while the ability for developers to access these solutions and experiment with blockchain themselves will similarly propel the development of tools that can find a place in the market.

Working with members of the financial services space, like Visa, also helps instill trust in these blockchain-based solutions, noted Smith.

“We’re going to start to put these proof points out into the world to say, ‘Look, blockchain is exciting, and yes, it has a lot of potential, but that potential is starting to be realized,’” he said. “In some ways, I feel like we’re all waiting to see the first few production use cases and wait to see if they pay off. And a big part of that is thinking about how we can de-risk this as much as possible, and make sure we’ve built a secure system — and that’s where HSM plays a critical role. Because we have to prove the security of this technology.”


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

Click to comment