blog-why-are-permissioned-blockchains-a-great-fit-for-banking

Why Are Permissioned Blockchains a Great Fit for Banking - A Case Study of the Corda Architecture

Permissioned blockchain networks are blockchain networks that are not public, e.g., they require users to apply for membership in order to gain access to them. Such blockchain networks use specific software to operate.

Permissioned Blockchains

Usually, permissioned blockchains differ from simple ‘private’ blockchains in the sense that there are multiple layers requiring special permissions to operate. Usually, there are also control mechanisms and eventually centralized control mechanisms that operate at the top of the permission-hierarchy.

Blockchains are not standardized

It must be noted that “blockchains” are not standardized or regulated. As such, they aren’t formally subject to fixed specifications. In fact, the term “blockchain” represents a sum of knowledge, experience, practices, and concepts, that mostly originated from “public” blockchain networks, including the Bitcoin network, the Ethereum network, and other cryptocurrency networks.

Differentiating between software and Blockchain networks

It is a common mistake to confuse the software used for these blockchain networks to operate and the blockchain network itself.

Software used in permissioned blockchains

The most ‘popular’ software used to build permissioned blockchain networks are: 

  • The Hyperledger project, Fabric, etc.
  • Quorum
  • Riddle
  • Corda

Permissioned blockchain networks

Permissioned blockchain networks can be used for non-public cryptocurrencies. They can also be used for a wide range of industries, including:

  • Banking
  • Academy/Schools
  • Real Estate
  • Notary
  • Insurance
  • Public sector
  • Healthcare
  • Industrial production
  • Gun control

The main goal of blockchain networks and especially permissioned blockchain networks is to prevent fraud, counterfeit or forged documents, and collusion among rogue authorities to deceive validation or legal controls. Potentially any business or legal entity that needs to validate documents, or certify the origin of a product, may benefit from blockchain networks.

Blockchain networks are decentralized networks and their power comes from the forced cooperation between distrusting parties, thus reducing the risk of an ‘inside’ criminal conspiracy against a system.

There is virtually no limit to their application since they can be introduced into any system that produces secure documents, certificates, and validation.

Blockchain does not remove the signatures whether they are digital or not, instead, it enforces it by chaining the signatures among different users of the blockchain.

Cryptocurrencies are using blockchains to ensure the validity of transactions and prevent double-spending of digital currency. In fact in public blockchains, the cryptocurrencies and the blockchain are usually parts of each other.

In permissioned networks, there is a wide variety of usage and since there are no set ‘rules’ for creating a blockchain network, permissioned blockchains can use a mixture of centralized and decentralized features, and any entity is free to build their own permissioned blockchain network as they need it.

Architectures to prevent "inner fraud" through "collective control"

The end-goal of a blockchain is almost always to prevent inner fraud from within a network of users (banks, notaries, insurances, etc.). The way that blockchains can prevent fraud from within a system is by creating a chained record of blocks that grows over time, and where the records are under ‘collective’ control and validation.

Here we summarize the power of blockchain architectures: 

Permission graph

 

  • They can quickly validate transactions without involving a slow hierarchical chain of controls
  • They provide ledgers made of immutable, irrefragable, unalterable transaction records, and as such, they are fully auditable
  • They provide resistance to fraud, counterfeiting, forging by using ‘collective’ controls and validations
  • They reduce costs by removing unnecessary third parties 

To illustrate the theoretical concept introduced above, we will now examine how the Corda system works in building permissioned blockchains.

The Corda Framework

Corda is a framework used to develop and eventually run blockchain applications for private and business use. This framework offers a wide range of scenarios, with different consensus models. Algorithms such as MultiSig or RAFT can be used. 

The blockchain applications that Corda develops are named “CorDapps.” They are published in a marketplace. They are classified by category (digital assets, digital cash and payments, digital identity, insurance, etc.) or by industry (motor vehicles, banks, legal, energy, natural resources, etc).

Some examples of CorDapps developed for the insurance market:

  • Personal Auto Claims Management
  • MIDAS
  • Distributed Insurance Sales
  • Workers Comp Claims Process

The Corda network provides the infrastructure needed to run a Corda blockchain application. It provides identity services, notary services, and other similar services. 

Why Are Permissioned Blockchains a Good Fit for Banking and Financial Services?

Banking Corda Applications

There is a whole set of banking CorDapps. They can be found in the Corda marketplace directory under the “Digital Cash & Payment” section.

For example, Corda allows the development of e-currency which is very close to a CBDC project. The e-money blockchain project developed by Commerzbank and Daimler trucks using Corda is a good example.

In the e-money system, truck drivers receive e-euros for different purposes. The main purpose is for fuel payment. E-euros can be converted to fiat money. The reason is to prevent scams and fraud involving cloning fuel payment cards or enforcing the actual fuel payment cards systems.

Corda offers blockchain technology for banking without the problems of “traditional” blockchain networks:

  • Corda does not allow unauthorized parties to see data 
  • Corda is mostly decentralized
  • Corda provides consensus at the user level
  • Corda transactions are validated by the actors of the transactions and not by ‘foreign’ distant users without relation to the transaction
  • Corda provides a lot of different consensus mechanisms
  • Corda links smart contracts formal description with legal humanly-readable documents
  • Corda does not provide a native cryptocurrency

Permissioned Blockchains for the Banking Industry

The previous Corda example shows why banks need permissioned blockchains.

Permissioned blockchains are private blockchains equipped with permission access that fits the hierarchical structure of a typical bank organization.

Let’s consider the SWIFT example

Today, a SWIFT message is an established way for communicating and passing transactions. Such a SWIFT message will not be cleared until all the parties have screened and validated the message. This is time-consuming and costly. With a blockchain system, the SWIFT transaction can be validated and signed in an extremely fast way. 

  • Blockchain allows banks to use smart contracts. This can dramatically reduce the number of intermediary parties, thus reducing costs.
  • Blockchain also allows banks to get rid of centralized databases that are more prone to attacks than the typical blockchain decentralized ones. 
  • Finally, permissioned blockchains do not use proof-of-work, which is costly and inordinate for banks. Instead, they rather use consensus, making extensive use of PKI and cryptographic security.

It may seem paradoxical that a technology initially designed to replace banks could be used by the same banks to enforce the security of their systems and increase their profitability. But on the other hand, it also demonstrates how technology works and how good concepts can be reused in different industries. In fact, it just proves that banks must adapt to the blockchain ecosystem in order to stay competitive. 

Conclusion

This goal of this article was to describe and explain why permissioned blockchains with banking-grade HSMs are a good fit for banks.

Permissioned blockchains:

  • Provide suitable identification and permissions in order for users to access the network
  • Rely mostly on PKI for consensus
  • Offer most of the benefits of the public blockchains (without the inconveniences)
  • Are auditable
  • Have a strong potential for saving significant amounts of transaction time and costs

References and Further Reading

  • Learn more about Utimaco's HSMs for blockchains
  • More articles on permissioned blockchains on our blog (2018 - today), by Martin Rupp, Priyank Kumar, Ulrich Scholten, Asim Mehmood, Dawn M. Turner and more
  • More articles on eIDAS on our blog (2018 - today), by Gaurav Sharma, David McNeal and more
  • More articles on HSMs on our blog (2018 - today) by Terry Anton, Dawn M. Turner and more

Blog post by Martin Rupp, Priyank Kumar and Ulrich Scholten

To find more blog posts related with below topics, click on one of the keywords:
Contact us

All Blog posts

How can we help you?

Talk to one of our specialists and find out how Utimaco can support you today.
You have selected two different types of downloads, so you need to submit different forms which you can select via the two tabs.

Your download request(s):

    By submitting below form you will receive links for your selected downloads.

    Your download request(s):

      For this type of documents, your e-mail address needs to be verified. You will receive the links for your selected downloads via e-mail after submitting below form.

      Your collection of download requests is empty. Visit our Downloads section and select from resources such as data sheets, white papers, webinar recordings and much more. 

      Downloads

       

      How can we help you futher?

      0