Blockchain is a way to rapidly exchange digital assets — such as payments, photos and contracts — between two or more parties in a secure, verifiable and auditable process that doesn’t require a middleman. Each party in the network has its own copy of the blockchain attached to every asset. As long as the chains are in sync, all parties can be confident that the asset or transaction is valid.

What Is Blockchain?

If you’re familiar with peer-to-peer file-sharing network like BitTorrent, or if you synchronize files between multiple computers using a service like Dropbox, you have a basic understanding of how the network works. With BitTorrent, each computer shares files with others on the network. Files are constantly kept in sync so that everyone has the same copy. Updated copies are replicated to everyone who has a copy of that file.

Blockchain adds a persistent code and security layer to the process. The code — or block — is unique to that asset and stays with it forever. Blocks are time-stamped and protected with encryption that is considered unbreakable. The blockchain record on each computer in the network is called a ledger.

Each time the asset is modified, a new block is added, creating a chain (hence the term). All parties in the network receive a copy of the updated asset with the new blockchain. As long as the blockchains match, there can be no question about authenticity; if any blockchain doesn’t match the others, the asset is considered invalid and the update is rejected. Updates happen very quickly, usually in milliseconds.

Beyond Bitcoin

Blockchain is most commonly associated with bitcoin, a digital currency that can be exchanged without the need for banks, clearinghouses or other intermediaries. Bitcoin transactions are instantaneous and are considered highly secure.

However, blockchain can be used in many other ways. For example, a professional photographer could add a blockchain to verify the authenticity of copyrighted photos. Copies of the photos that lack the verified blockchain could then be pegged as fraudulent. The same goes for titles, deeds, contracts and any other documents that need to be exchanged between multiple parties in a trust network.

Blockchains can also be used to create digital records of use and payments to content creators. The technology can expedite transactions and ensure that all parties have a right to use the copyrighted material.

Blockchains can be public or private, with the rules set by the parties involved. Private blockchains may have lower levels of security if the parties already trust each other; bitcoin is a highly secure network precisely because anyone can use it.

Why It Matters

For industries whose processes can frequently be delayed due to the need for third-party verification, such as banking, blockchain reduces costs and speeds up the settlement of transactions. Instead of waiting days for a check to clear, a payment can be verified in seconds. There’s also less risk that payments will have to be denied because funds are unavailable. There’s no more “playing the float” since account debits and credits are instantaneous.

By removing the need for a middleman, blockchain also enhances security. The more parties involved in a transaction, the greater the risk that one could be compromised. But in a blockchain network, transactions happen directly between parties, so there’s less chance of failure at one of the handoff points.

Corporate record keeping could also be dramatically simplified, with the need for validation mechanisms like notaries and third-party signatories reduced. Corporations that produce assets in digital form could track their use with greater precision and generate royalty and licensing revenues that might otherwise be lost.

Trends to Watch

Banks are banding together to compensate for one of blockchain’s weaknesses: transparency that makes it vulnerable to third-party snoops. A consortium of 53 banks is currently working to improve privacy in blockchain transactions.

The Linux Foundation has announced a major new initiative called Hyperledger, which will build blockchains with a series of standard protocols and processes that could be used by a wide variety of industries. With this and other advancements, blockchain may be the salve for managing and securing patient records in the health care industry.

If you want to learn more about blockchain, IBM has a host of software, training resources and community support. You can also experiment with ways to use blockchain for your business at the IBM Bluemix Garage for blockchain.

More from Banking & Finance

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

DORA and your quantum-safe cryptography migration

5 min read - Quantum computing is a new paradigm with the potential to tackle problems that classical computers cannot solve today. Unfortunately, this also introduces threats to the digital economy and particularly the financial sector.The Digital Operational Resilience Act (DORA) is a regulatory framework that introduces uniform requirements across the European Union (EU) to achieve a "high level of operational resilience" in the financial services sector. Entities covered by DORA — such as credit institutions, payment institutions, insurance undertakings, information and communication technology…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today