Blog

Bringing Blockchain into the Mainstream

Privacy & Security

While it is Bitcoin that regularly makes the news as its price peaks and troughs, it is the technology behind the cryptocurrency that has long excited observers. By enabling trusted digital relationships without a centralized administration, Blockchain technology has been heralded as the future for any number of diverse industries, from journalism to insurance to mobile payments amongst many others. Blockchain is often compared to the Internet, but there are significant differences. While the Internet, for the most part, is platform for sharing information, blockchain is for transacting value. To reach mainstream adoption, Blockchain communities need to understand and emulate how we currently move money and other valuables in the real world.

Integrating Blockchain and Non-Blockchain Applications

In addition to new applications, Blockchain can bring new levels of decentralization to existing applications. For example, a Blockchain registry of real estate sales integrated with property insurance applications could issue policies on behalf of purchasers of real estate. But this can happen only if Blockchain systems can integrate with existing applications and maintain high levels of security and provides the features people expect. For example, what happens if I lose my private key? What if I want my partner to authorize the transfer for me via a power of attorney? Can I add another layer of security based on the location of the recipient? Again, these are the kinds of features found in real world methods of transferring value and will need to be replicated in blockchain communities.

Smart contracts are digital contracts that can execute agreed upon actions. They are implemented as code, which carries out the actions and enforces obligations of the parties involved. They can help on-chain applications interface with off-chain applications. For example, tyntec's 2FA Smart Contract is used to trigger a two-factor authentication (2FA) solution that exists off-chain. Since Blockchain cannot access ('call') the Internet directly, when the 2FA user (who is on-chain) asks to validate a one-time passcode (OTP), tyntec’s 2FA smart contact (acting as an agent) provides the hash containing the OTP that it received via the 2FA API that's in the real world – resulting in integrating on-chain and off-chain applications.

Adding Real World Functionality to Blockchain

Blockchains can use public key cryptography to authenticate users. This method uses a pair of cryptographic keys known as a private key and a public key. As the names imply, the private key should be kept secret while the public key can be shared with others. If the private key is stolen, fraudsters can use the stolen key to sign transactions as the owner and steal cryptos from the digital wallet.

Many of the concerns around using Blockchain center around how to do things on the Blockchain that we can do in off-chain transactions. For example, if someone were incapacitated, how could a spouse access their digital wallet? In that case, the user can have a service send a 2FA verification code sent to the spouse's phone, and with that he can access my wallet without even having my private key. This same mechanism can work even when a private key is lost. It is essential for wider adoption of Blockchain to have mechanisms that provide an alternative verification method.

It is common practice now to use two forms of identification, or factors, when authenticating to systems that require high security. The two forms could be a password and temporary code sent to a device that the person has. One time passwords (OTP) sent to phones are a common type of second factor. Using multi factor authentication would prevent a malicious attacker from posing as someone else even if the attacker had stolen the person's private key.

Multifactor authentication is possible with blockchain with the use of smart contracts and a third party OTP provider. The authentication process would begin with a smart contract contacting the OTP provider. The smart contract would provide information, including an origination address, a recipient address, and a phone number to receive the one time password. The OTP provider would then generate and delivers a password, creates a hash, and stores it on the provider's smart contract on the blockchain. The smart contract would validate this information and confirm the identity of the user. In fact, this technology has already been integrated into a blockchain-based banking backbone called Raay developed by Datarella, using tyntec's 2FA Smart Contract.

Putting It Together: Smart Contracts Enable Hybrid Applications

Smart contracts are the most transformative application currently used on Blockchain, according to researchers at Harvard Business School. They are important for executing multi-step business transactions but they are also a key component for helping on-chain applications to connect with off-chain solutions to improve security and usability in order for Blockchain applications to meet the mainstream requirements. This will allow greater integration with off-chain applications since Blockchain will support the same levels of strong authentication that many enterprise applications already use. Insurance companies can integrate their underwriting systems with Blockchain-based systems that track the provenance of high valued personal property. Companies in complex supply chains can use Blockchain applications to track the flow of good and execute payments as conditions of payment are met.

The ability to execute smart contracts fosters a level of trust and enables real world functionality that will broaden the adoption of innovative applications in areas that are currently slowed by the need for human intervention.

Profile picture for user Jean By Jean Shin
Share: