Chief Technology Officer of Scrive, explains the preventative measures banks should be implementing to protect their customers
In the first half of 2021, criminals stole a total of £753.9 million through fraud, which represents a 30% increase compared to H1 2020. While advanced security systems managed to prevent a further £736 million from being taken[1], it does raise questions about what other preventative measures banks should be putting in place to further protect their customers.
When blockchain technology is spoken about, most people tend to associate it with cryptocurrencies such as Bitcoin and Ethereum. However, we are increasingly seeing Blockchain technology rapidly disrupt other sectors including cybersecurity, politics, and data analytics.
One of the potential applications, which blockchain or “Distributed Ledger Technology” (DLT) is practically made for, is to make electronic signatures and contract management more secure. To understand how DLT can be implemented to make the signing process more secure and mitigate fraud risk, one must first understand the foundations of blockchain technology.
What is blockchain?
Blockchain is a decentralised digital database of transactions copied and distributed throughout a network which means once recorded, transactions cannot be altered, hacked, or defrauded. Fabricio Santos of CoinDesk compared it to “a series of glass boxes with content everyone can see and verify but can’t change.”
Unlike most conventional databases, composed of tables with columns and rows, a blockchain is made up of sequential blocks securely linked to each other using cryptography; meaning that if a single block in a chain is modified, it will be immediately recognised that the chain has been tampered with, prohibiting anyone from going backwards and covering their traces if they corrupt an entry.
How does it work?
Any digital file or group of files can be represented by a unique fingerprint known as a “hash” derived by a mathematical calculation based on a file’s raw digital information. The most minute change to a file will result in a different hash value. The hashes, not the files themselves, are the records that are stored in the blockchain. Therefore, it is possible to demonstrate that a file hasn’t been altered by recalculating its hash and matching the hash to its corresponding record in the blockchain.
Applying blockchain to e-signing
In the context of electronic signatures, DLT is an ideal approach to protecting document integrity after the signing process. Unlike other approaches such as certificates, which can expire, or keys, which can be decrypted with sufficient time or computing power, DLT is both time and hack-proof.
DLT and e-signature software work in unison to guarantee the integrity of your document by sealing it with a digital signature. Blockchain technology provides a method of securing the digital signature by entering it into a permanent, verifiable public record. This means that in the event of a dispute, you can prove whether your document has or hasn’t been tampered with.
The perfect partnership for security, risk and compliance
In highly regulated industries like BFSI, one of the main challenges to implementing digital services, for traditional branches as well as challenger banks, FinTech and Insurtech companies, is meeting regulatory compliance. Paper documents can be easily modified, and signatures can be forged. In addition to the complexities of compliance, documents that are stored inside filing cabinets still risk being lost or stolen.
Implementing the public-permission ledger model in the context of DLT provides a hybrid of public and private blockchains where anyone can access them if they have permission from the administrators to do so. This provides greater transparency, making the audit processes easier, quicker, and less complex to manage.
Combining DLT and electronic signatures will help to store, protect, and ensure signature authenticity of your documents, making compliance with regulations such as GDPR easier. E-signature software features such as signing party authentication protect your agreements so that they can only be accessed and signed by the intended parties. Partnering with an eIDAS Qualified Trust Service Provider will help to further ensure the integrity of your document as their Qualified Electronic Signatures are regarded at the highest level. Electronic signatures serve as an electronic timestamp, adding an extra layer of protection to your document. Digital identity checks can also be integrated enabling the signing party to authenticate at any time, or any place, signing the document within the same digital workflow, speeding up customer transaction times.
The future of DLT and electronic signatures
So, what’s next for DLT and electronic signatures? How else could we see them being used? As more companies adopt blockchain technology, the concept of DLT being adopted in our personal lives doesn’t seem too far-fetched. Digital signatures could represent you as a digital identity with the help of blockchain technology and the EU has already begun to explore this as part of the Digital Identity Wallet. Businesses that have already implemented and are familiar with DLT will have an advantage over those that are yet to integrate the technology as connecting and linking the Digital Identity Wallet with other distributed ledgers will be relatively easy.
Furthermore, using electronic signatures in combination with DLT could significantly help reduce fraud as its structural design allows permitted users to check for fraudulent activity easily. This in turn lowers banking losses and improves overall operational costs, while enabling financial institutions to leverage the digital signatures for value-added services for their customers.
[1] https://www.smetoday.co.uk/wp-content/uploads/2022/12/Half-year-fraud-update-2021-FINAL.pdf