Category: Corda

Can blockchains reduce the impact of data breaches?

~ antonylewis2015 ~ Leave a comment

Another day, another catastrophic data breach.  This time it’s medical records in Singapore, where I live.  At this stage we’re almost immune to this kind of headline:

Cyberattack on Singapore health database steals details of 1.5 million, including Prime Minister (Reuters)

But this is quite bad.  Eileen Yu noted in her piece for ZDNet (my emphasis):

Singapore has suffered its “most serious” data breach, compromising personal data of 1.5 million healthcare patients including that of its Prime Minister Lee Hsien Loong.

The affected users are patients of SingHealth, which is the country’s largest group of healthcare institutions comprising 42 clinical specialties, four public hospitals, five speciality centres, nine polyclinics, as well as three community hospitals.

Non-medical personal details of 1.5 million patients who visited SingHealth’s specialist outpatient clinics and polyclinics between May 1, 2015, and July 4, 2018, had been accessed and copied. The stolen data included patients’ name, national identification number, address, gender, race, and date of birth.

In addition, outpatient medical data of some 160,000 patients were compromised, though, the records were not modified or deleted, said the Ministry of Health and Ministry of Communications and Information (MCI), in a joint statement late-Friday.

Continue reading “Can blockchains reduce the impact of data breaches?”

Please believe my database

~ antonylewis2015 ~ 1 Comment

I was reading Matt Levine’s Money stuff today and was struck by a thought. He writes:

“A national customs agency, for instance, might be happier approving shipments on an auditable open blockchain than in the proprietary database of a particular shipping company.”

This is interesting, but I want to take it one step further.  Blockchain or not, a record of events that have been cryptographically digitally signed, with references to previous transactions could be very useful.

If you are a company, and a regulator or agency asks you for your view on what happened, and you give the regulator an Excel spreadsheet or a normal database extract saying “Here’s what happened, I promise”, this is very weak evidence and can be tampered easily by deleting rows, or removing key words like the names of sanctioned countries, etc.

Continue reading “Please believe my database”

MAS just released Corda for Central Banks… so what?

~ antonylewis2015 ~ Leave a comment

I’m absolutely thrilled to be able to write about the open sourcing of Project Ubin Phase II, a key project that our team has been working on for the past seven months with the Monetary Authority of Singapore (MAS), ten banks, and our partner Accenture.

UbinPhase2
Ubin Phase 2 report

What is Project Ubin?  It’s probably the most advanced starter kit out there for anyone wanting to explore blockchains for banking:

Continue reading “MAS just released Corda for Central Banks… so what?”

Blockchains and central banks – what have we learnt?

~ antonylewis2015 ~ Leave a comment

This article was first posted on r3.com

Over the past couple of years, R3 has worked closely with a number of central banks to explore if distributed ledgers could support their policy goals, and I have had the privilege to participate in a number of these projects.

What have we learnt?  What is important?  What do central banks care about?  While I can’t speak directly for individual organisations, I have collated my own thoughts, and wanted to share these ahead of the Singapore FinTech Festival this year (13-17 Nov) when the results of Singapore’s “Project Ubin” experiments will be announced.

Update (post FinTech Festival): Read about the Open Sourcing of “Corda for Central Banks“!

Continue reading “Blockchains and central banks – what have we learnt?”

The hype around central banks, digital currencies, and blockchains

~ antonylewis2015 ~ 1 Comment

Central banks and blockchainThere has been a lot of hype around central banks, interbank payments, blockchains, and central bank digital currencies (CBDCs), but the narrative has become confusing and often misses the point.  What’s going on?  Actually two independent things are being actively explored:

  1. Decentralisation of interbank payment systems
  2. Wider access to digital central bank money (Central Bank Digital Currencies – CBDCs)

I aim to explain them both in this post.

Continue reading “The hype around central banks, digital currencies, and blockchains”

Blockchains and laws: are they compatible?

~ antonylewis2015 ~ Leave a comment

At conferences and events I often get asked a variation of “Is blockchain regulated?”.  The short answer is no: technology is rarely regulated.  It’s entities who are regulated (especially in finance).

blockchains_and_laws
Blockchains and Laws: are they compatible? A paper I coauthored at R3 with Baker Mckenzie.

Banks need their technology to conform to certain standards – resilience, security, and so on.  The banks (not the technology!) get penalised if they can’t demonstrate high standards with the technology they choose to deploy.  A common rulebook that is adapted for each jurisdiction is called Principles for Financial Market Infrastructures.

But blockchains and distributed ledgers share data, and often business is conducted across borders.  And many countries have data protection laws specifying that certain types of data (eg personally identifying data) need to remain stored on computers within the borders of the country itself.  How do we reconcile data sharing with data protection laws?

Well, instead of thinking about blockchains and distributed ledgers as a mechanism for sharing data (we know data sharing is a solved problem), think of them as “business to business glue” that can make business processes between entities much more efficient.

So, some data absolutely needs to be shared.  In finance that may be some trade details: prices, amounts, delivery dates, etc.  We do this today anyway, bilaterally and via intermediaries.  But we only really want to share this kind of data with the other party (and not the entire network of participants!).  Other data needs to be kept completely internal: customer details and instructions, valuations and profit margins, etc.

Can blockchains and distributed ledger platforms deal with these kinds of requirements?  Absolutely – R3’s Corda was built specifically for this.

In my role as Director of Research at R3, I recently coauthored Blockchains and Laws: are they compatible? with Baker Mckenzie, the world’s leading cross border law firm.  If you’re into that kind of thing, it’s well worth a read.

R3’s cutting edge research and thought leadership is also now available as a separate offering to consortium membership – here’s a selection of papers that R3 has produced.

Blockchains and cyberwar: Why the next wave of interbank settlement systems will be decentralised

~ antonylewis2015 ~ Leave a comment

Currently a number of central banks around the world are exploring two things:

  1. A decentralised interbank payment system
  2. A central bank digital currency

Though often conflated, these are slightly different concepts.  You can decentralise your interbank payment systems without allowing the public to have digital access to the central bank’s balance sheet, and vice versa.

This short post is about the first set of experiments: decentralising the interbank payment systems.

Continue reading “Blockchains and cyberwar: Why the next wave of interbank settlement systems will be decentralised”

A gentle introduction to self-sovereign identity

~ antonylewis2015 ~ 3 Comments

In May 2017, the Indian Centre for Internet and Society think tank published a report detailing the ways in which India’s national identity database (Aadhaar) is leaking potentially compromising personal information. The information relates to over 130 million Indian nationals.  The leaks create a great opportunity for financial fraud, and cause irreversible harm to the privacy of the individuals concerned.

It is clear that the central identity repository model has deficiencies.  This post describes a new paradigm for managing our digital identities: se
Continue reading “A gentle introduction to self-sovereign identity”

Three common misconceptions about smart contracts

~ antonylewis2015 ~ 2 Comments

There is a lot of misleading commentary about smart contracts, leading to confusion about what they are and what they can do. Here are three of the most common myths that I have noticed. This builds on a previous piece, a gentle introduction to smart contracts.

Myth: Smart contracts are self-executing bits of code

Continue reading “Three common misconceptions about smart contracts”