July 6, 2016 By Koen Van Impe 4 min read

Blockchain technology has become one of the hottest trending topics within the computer world in the last couple years. The public has primarily come in contact with blockchains through the use of bitcoins, but there’s more to blockchains than cryptocurrency.

What Is Blockchain Technology?

What is a blockchain? Very simply put, a blockchain is a database that maintains a continuously growing set of data records. It is distributed in nature, meaning that there is no master computer holding the entire chain. Rather, the participating nodes have a copy of the chain. It’s also ever-growing — data records are only added to the chain.

A blockchain consists of two types of elements:

  • Transactions are the actions created by the participants in the system.
  • Blocks record these transactions and make sure they are in the correct sequence and have not been tampered with. Blocks also record a time stamp when the transactions were added.

What Are Some Advantages?

The big advantage of blockchain is that it’s public. Everyone participating can see the blocks and the transactions stored in them. This doesn’t mean everyone can see the actual content of your transaction, however; that’s protected by your private key.

A blockchain is decentralized, so there is no single authority that can approve the transactions or set specific rules to have transactions accepted. That means there’s a huge amount of trust involved since all the participants in the network have to reach a consensus to accept transactions.

Most importantly, it’s secure. The database can only be extended and previous records cannot be changed (at least, there’s a very high cost if someone wants to alter previous records).

How Does It Work?

When someone wants to add a transaction to the chain, all the participants in the network will validate it. They do this by applying an algorithm to the transaction to verify its validity. What exactly is understood by “valid” is defined by the blockchain system and can differ between systems. Then it is up to a majority of the participants to agree that the transaction is valid.

A set of approved transactions are then bundled in a block, which gets sent to all the nodes in the network. They in turn validate the new block. Each successive block contains a hash, which is a unique fingerprint, of the previous block.

Different Types of Blockchains

There are two main types of blockchains:

  • In a public blockchain, everyone can read or write data. Some public blockchains limit the access to just reading or writing. Bitcoin, for example, uses an approach where anyone can write.
  • In a private blockchain, all the participants are known and trusted. This is useful when the blockchain is used between companies that belong to the same legal mother entity.

Practical Implementations of Blockchain Technology

Bitcoins

One of the most well-known implementations of the blockchain technology is bitcoin, a digital payment system.

Bitcoin technology is used for various valid transactions and payments, but the bad guys have also made use of it. Many recent forms of ransomware request victims pay a certain number of bitcoins to get their files unlocked. We’ve also seen bitcoin being used in various extortion schemes. For example, attackers threaten to launch a distributed denial-of-service (DDoS) attack if you don’t pay ransom in bitcoin.

There’s not a single instance that controls bitcoins. The distributed nature of the technology allows for a decentralized ecosystem. Because bitcoins deal with real payments and there’s no physical coin, it’s also important that participants are not able to spend the money more than once or undo a payment once the service has been received. The system also must ensure users cannot spend money that doesn’t belong to them. All of this is provided by the underlying technology, together with some extras.

Ethereum

But bitcoin isn’t the only system that employs blockchains. Ethereum is a system for building decentralized applications that uses blockchains. These applications then perform transactions according to certain rules, called a contract. Don’t look at this as a legal contract — it’s merely a trigger for an application to carry out code when it receives a transaction. That makes a great solution for the Internet of Things (IoT).

Let’s look at a practical example: You have storage space you’d like to put up for rent. In a traditional model, you have to employ a third party that handles the payment. Most of the time, this requires you to give some sort of fee to that middleman.

With the new solutions on Ethereum, you can imagine a situation in which the lock to the storage space only opens when a transaction has been performed (the payment by your customer, directly to you). Once the space is no longer needed, the customer can relock your space, and that transaction automatically triggers a new payment (maybe including some costs for cleanup, etc.).

There is still payment involved, but you no longer need to pay a fee to a third party. The use of the service is all handled by what’s called a smart contract.

Cutting Out the Middleman

In the traditional banking world, you still have to pay some sort of fee to banks handling your money. With blockchain technology this could be removed, reducing the global cost for conducting financial transactions. But not everyone agrees that removing the middleman entirely is feasible.

A report published by the SWIFT Institute argued that the technology does not entirely remove the need for third parties, even if it demands a “substantial re-engineering of business processes across multiple securities market firms.” However, this should be put in context since SWIFT provides a network for secure and reliable financial transactions.

Conclusion

Although blockchain technology is not that new of a technology, the practical implementations that go beyond the traditional digital payment system are still relatively young.

The IoT requires us all to solve a lot of new challenges. Providing technologies that allow for secure, fast transactions between the participants in that new world is just one of those obstacles. The traditional model of having a mediator between service and user must evolve.

As with all new technologies, these will also introduce their own set of security issues. Large-scale attacks on smart contracts have yet to materialize, but we’ve already seen the first reports on vulnerabilities that could lead to them. Don’t be afraid of new technologies, but use common sense when you adopt them in your environment.

More from Banking & Finance

Black Friday chaos: The return of Gozi malware

4 min read - On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in Gozi malware activity, targeting financial institutions across North America. The Black Friday connection Black Friday creates an ideal environment for cyber criminals to thrive. The combination of skyrocketing transaction volumes, a surge in online activity…

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today