Bitcoin has not only changed the way we think about money, privacy, and payment systems but also ushered in a new way of thinking about security. Digital data has always been valuable, but now that Bitcoin has emerged we’re now getting used to a world where data equals money. The incentives to steal data are higher than ever now as evidenced by malicious ransomware like CryptoLocker.
The paradigm surrounding cyber security has been focused on enterprise models where servers are globally accessible on the internet. Since these servers are centralized they make valuable targets for hackers and there’s also the problem of having to trust the server operators.
In this talk, Airbitz co-founder and CEO Paul Puey describes the problem with traditional cyber security models and how the technology his team has developed, called Edge Security, is focused on solving the issues created by enterprise systems. Several bitcoin wallets already employ facets of Edge Security.
Edge Security changes the cyber security conversation by securing the personal devices of end-users such as phones, tablets, etc., rather than trying to secure the central servers where data is held. This process is more effective than current models for a few reasons:
1. Value/data is secured at the edge first. No user account data is transmitted from the device before it’s encrypted, and cannot be viewed or accessed by the service provider. This means that instead of user accounts being stored in one concentrated location that that aggregates all the valuable data and is a huge incentive to attack, the data is stored in small encrypted files and the value is much harder to find. If hackers don’t know where the value is held it becomes harder to steal. More resources are required and more devices need to be attacked to find this value and the payoff is nowhere near as high as hacking a traditional enterprise server. By removing the incentives for hackers, users can have a safer experience.
2. Protecting data from user error. Human error, not theft, has caused the loss of thousands of bitcoin because we’re not always great with physical security or remembering to back up our data. By using a platform that automatically backs up your data, you are protected from the most common cause of losing valuable information. Edge Security makes this happen without the user even thinking about it which is a standard we’ve grown accustomed to when using other forms of tech — we like things that “just work” and automatic back ups for valuable data are long overdue. As Bitcoin has increased the incentive for properly backing up because your literal wealth is at stake, our Edge Security platform has automated the process and expanded it.
3. Data is still easily accessible. By securing the data at the local level on the client-side, it’s just as easy for the user to access and they have the rare benefit of exclusive control over their data. Encryption provides the strong security needed for personal data and synchronization makes it easy to access across multiple devices all the while being automatically backed up so there’s no worry of lost data. In the same way our mobile app through synchronization ensures you can access all of your bitcoin even if your device is lost, the Edge Security platform it’s built upon enables developers to create apps where users are in complete control of their private messages, their IoT devices, their password manager key files, healthcare records, blockchain data other than Bitcoin, and many other potential applications.
These three elements of Edge Security remove the formerly difficult part of security which is that users did not know how to or take the time to secure their data. Attaining a high level of security while making the data easily accessible is now possible when these facets of Edge Security are running in the background. Our mobile app applies all of these elements to Bitcoin in the background but can be used to secure multiple kinds of data from Internet of Things devices needing to share information to sensitive financial information held by programs like Quickbooks.
Bitcoin inspired Edge Security opens up the door for thousands of use cases and can even eliminate the need for multiple, tedious usernames and passwords. Easy to guess passwords are frequently used by the average internet user and result in severe compromises of private data. BitID is one implementation of public/private key authentication inspired by Bitcoin that we are excited to make available to users of our app. BitID also simplifies logins across applications and websites while making authentication more secure. It’s a rare case where both convenience and security can be dramatically improved.
Bitcoin has brought the weaknesses of centralization to the forefront of security discussions in multiple areas. To see Paul’s talk in its entirety watch the video below from Bitcoin Investor 2015.