In May, Krypti – which offers military-grade security based on the systems Visa and Mastercard use to digitally store credit card numbers – will launch what it claims will be the most secure digital wallet available on the market.
Despite years of hype around cryptocurrencies like bitcoin – alongside predictions about the death of cash – take-up of new digital currencies has been disappointing, except among traders attracted by their volatility. Early hopes that they could become an alternative means of payment have so far come to naught, with many suggesting security concerns were keeping the general public away.
The traditional approach has been to store data inside a vault, encrypt what’s inside, then surround it with firewalls to keep bad actors out. But this is no longer fit for purpose, says Steven Russo, executive vice-president and co-founder of Krypti.
“The problem with that today is that hackers have demonstrated that they can get inside these systems and take everything contained within. In addition, today’s encryption schemes no longer offer the necessary protection against quantum or supercomputing. In order to stop the ongoing mass data breaches, the current methods to protect data require change,” says Russo.
Krypti is betting on microtoken exchange (MTE) technology to be that change. MTE involves breaking data up into numerous smaller parts and replacing each with a ‘microtoken’, a random-sized string of characters with no meaningful value to hackers. Only microtokens, which do not contain any piece of the original data, are ever transferred and vulnerable to hackers.
The majority of the microtoken is digital chaff – meaningless characters – with only a small and randomly placed portion relevant for the retrieval of the actual data. On arrival, the microtoken is converted back using a key that can only be activated when both sending and receiving devices are paired, with the key self-destructing upon use.
MTE has been tested by H2L Solutions, an independent cybersecurity firm, which was unable to hack the system.
Russo believes the innovation of MTE has finally resolved the problem of security around digital payments, as well as key movement within blockchain ecosystems. The use of digital currencies will increase rapidly in coming years in response, he predicts.
But improving the security of payments networks themselves may not address the biggest security weakness in payments, argues Tarmo Annus, a developer at Obyte, a cryptocurrency platform. Hackings are usually due to a lack of security on the user side, he notes, for example through weak passwords. Individual users get hacked more regularly than the network itself, he says.
Gabriel Dusil, co-founder of Adel, an incubator for technology start-ups, disagrees: “The most publicized attacks in crypto don't target traders per se, they target the infrastructure. Attackers look for the biggest return for the lowest investment in resources. In doing so, they look for the weakest link to exploit, and often this is it.”
MTE can also be applied to any communication protocol, and to secure any kind of data, whether in motion or at rest. So the technology being used in digital wallets today could soon find its way into more mainstream payments platforms and online banking. Russo says: “Tokenization is gaining popularity and will be more prevalent in both data security as well as payment security. It is already happening.”
But it is unlikely to herald the end of encryption’s role in payments security. Indeed, Krypti still uses encryption itself to secure data at rest. In many cases it works because the cost of the level of computational power required to hack encrypted systems remains prohibitive.
James Bennett, a director at Bitassist, a blockchain consultant, says: “The cost of attacking the network must be greater than the economic reward, or else the network becomes redundant. The relationship between cost and reward is a metric that we monitor closely. Crypto is fundamentally built around economic incentives.”
Bennett believes new forms of encryption will continue to do a lot of the heavy lifting in digital security. “Once quantum computers are available on the open market, in the not-too-distant future, wallets will be encrypted through quantum cryptography. It is a cat-and-mouse game and one that the crypto community is extremely aware of,” he says.