Bank Blog Crypto

Bank Blog Publication: WHERE BITCOINS MEET HIGH SECURITY FACILITIES

State-of-the-art crypto custody

by JOCHEN WERNE

Original published in German at DER-BANK-BLOG. Please click HERE Translation created with DeepL.com

14 February 2022

Digital assets are as safe as their encryption? Unfortunately not. After all, the dangers do not only come from hackers. Security must be thought of more broadly, as examples of state-of-the-art crypto custody solutions show.

The protection of crypto assets can only be guaranteed if there is a clear awareness of the dangers. Attacks on digital assets such as cryptocurrencies or asstes no longer end with the numerous attack vectors of cyberattacks, but unfortunately already extend to the use of physical force against their owners. It is therefore important to raise awareness of possible dangers, as shown by examples of the state of today’s state-of-the-art crypto custody solutions.

According to Investing.com, the total number of cryptocurrencies as of 12 December 2021 is 9,004 with a total market capitalisation of US$2.24 trillion. After Bitcoin, Ether, XRP, Litecoin and co, the Libra Coin initiated by Facebook received unprecedented media attention, triggered by the announcement of the project alone. And the emotionality and sharpness with which the discussion was conducted shows how seriously the topic is taken internationally at the state level. It is about reputation, influence, control, responsibility and only in the last instance about technology. And for every investor, it is first and foremost about protecting his assets.

The right sense of danger

In the future, protecting our assets will not just mean keeping our wallet in the deepest pocket of our jacket or handbag or turning the key to our flat twice in the lock. In the future, we will have invested part of the fruits of our labour, our fortunes, in crypto investments and cryptocurrencies. This part of our wealth needs to be kept safe, and we need to understand exactly where and how. This requires that we understand the risks. The sense of danger must therefore adapt, as must the lure of the new opportunities. For this, it is of utmost importance to understand the real dangers and to take appropriate protective measures.

As yet, however, this sense does not seem to be all that pronounced. According to Slowmist Hacked , which specialises in aggregating information on detected attacks on blockchain projects, apps and tokens, the total amount of crypto assets stolen in 122 different attacks in 2020 is $3.78 billion. Even though the evaluation is based on the Bitcoin peaks of January 2021, it clearly shows the importance of greater efficiency in security.

In comparison, only 1.63 billion US dollars were captured in the ten largest bank robberies of all time. Considering that the largest robbery took place when dictator Saddam Hussein ordered his son Qusay to withdraw nearly US$1 billion from Iraq’s central bank with a handwritten note, and the tenth largest robbery netted the perpetrators just US$18.9 million, crypto-cybercrime has become an extremely lucrative business.

Crypto custody: Do hot and cold wallets offer sufficient security?

The famous military scientist Carl von Clausewitz argued in the early 19th century: “An army on the defensive, without fortifications, has a hundred vulnerable points; it is a body without armour”. “We must always retain sufficient forces beyond the garrisons to be a match for the enemy in the open field, unless we can rely on the arrival of an ally to relieve our fortresses and free our army.” In cryptocurrencies, the wallet is the fortress and the blockchain – the distributed ledger – is the army in the open field. It is the job of modern crypto custodians – as guardians of their clients’ assets – to ask themselves daily what additional measures can be taken to best protect cryptocurrencies and crypto assets.

Crypto custody solutions typically involve a combination of hot storage or crypto custody that is connected to the internet and cold storage or crypto custody that is not. Rakesh Sharma comments on Investopia, “Both types of storage have advantages and disadvantages. For example, hot storage is connected to the internet and therefore offers better liquidity. But hot storage options can be vulnerable to hacks due to online presence. Cold storage solutions offer more security. However, it can be difficult to generate liquidity from crypto holdings in the short term because they are offline. Vaulting is a combination of both types of cryptocurrency custody solutions, where the majority of funds are stored offline and can only be accessed with a private key.”

The risk of becoming a victim of physical violence in private crypto custody

The risk of theft of crypto assets is no longer solely about digital robbery in cyberattacks and hacks. Physical violence against the owner of crypto assets or threats to family members is already sadly present. In November 2021, for example, the American co-founder of Tuenti, once billed as the Spanish Facebook, Zaryn Dentzel, was the victim of such an attack in his private Madrid flat.

Dentzel stated on record that the gangsters beat him and stabbed him in the chest with a knife while shooting him several times with a Taser.

Thus it becomes clear that the protection of crypto-assets must also go hand in hand with the fact that a perpetrator who is prepared to use physical force understands in advance that his alleged victim does not readily have power of disposal over his total crypto-assets. Cold storage not at home, but in a cold space, for example a high-security facility, can provide the necessary protection.

State of the art crypto storage meets high security facilities

In July 2021, Prosegur Crypto – the crypto custody subsidiary of Prosegur, one of the largest security companies in the world – announced the creation of the world’s first “digital asset custody bunker”. The consistent combination of a physically and digitally inaccessible environment here is unique to date.

In collaboration with cybersecurity company GK8, Prosegur Crypto brings together all the infrastructure, facilities, technologies and security protocols required to minimise all risk areas identified in the digital asset custody chain.

The solution consists of state-of-the-art cyber security systems provided by GK8’s patented technology and the highest level of a military-grade secured protection environment. It is based on a “360° inaccessibility” approach, mapping over 100 protection measures into 6 integrated layers of security. This ensures the highest possible protection against physical and cyber attacks.

The HSM (hardware security module, a device that generates, stores and protects cryptographic keys) is housed in a military grade briefcase within the high security vault. This vault is only accessible to a limited number of people who manage the data manually and offline. Staff have restricted access to the information they handle to avoid any risk of internal theft and work from a secure facility where there is no risk of physical attack, copying or theft of systems or passwords. In the event of an unauthorised attempt to access the HSM, its contents are permanently deleted. Immediately, a recovery plan is activated, including a protocol for recovering private keys using seeds located in various other vaults.

The module is connected to an MPC (Multi-party Computation) system, which provides a fast signature process on a state-of-the-art computer network and generates transactions on the blockchain without a direct internet connection. This minimises the possibility of fraudulent access and eliminates any potential vector for cyber attacks. These system features are patented and represent a highly differentiated offering in the market.

Plea for openness: danger recognised – danger averted

The analysis shows that from Clausewitz to the latest developments in cyber security and crypto-custody, the security perspective has hardly changed. The more you rely on a single system or fortress, the more vulnerable you are. It’s all about layered security, which makes it time-consuming and very costly for attackers to get what they desperately want.

We are still only at the beginning of a new era for our monetary systems. An era driven by technology in which it is increasingly important for every actor to develop a good understanding of it in order to build sustainable ones. Technology has never been right or wrong, only the way we humans use it can make it so.

New technologies offer the opportunity to make our world more prosperous for all – let’s use it!

Hot off the press AIRWA

Hot off the press: AIRWA-Journal published

HOT OFF THE PRESS

It was a inspiring holding in hand the first edition of the JOURNAL OF AI, ROBOTICS & WORKPLACE AUTOMATION published by Henry Stewart Publications

We are pleased to give everyone the opportunity to download the entire article POINT OF NO RETURN by Jochen Werne & Johannes Winter here: https://lnkd.in/dmi9i9aB

The inspiring articles and case studies published in Volume 1 Number 1 are:

Editorial
Tom Davenport, Distinguished Professor, Babson College, Research Fellow, MIT Center for Digital Business and Senior Advisor, Deloitte Institute for Research and Practice in Analytics

Practice papers:

  • The path to AI in procurement by Phil Morgan, Senior Director, Electronic Arts (EA)
  • How to kickstart an AI venture without proprietary data: AI start-ups have a chicken and egg problem — here is how to solve it by Kartik Hosanagar, Professor, The Wharton School of University of Pennsylvania and Monisha Gulabani, Research Assistant, Wharton UK AI Studio
  • Towards a capability assessment model for the comprehension and adoption of AI in organisations by Tom Butler PhD MSc, Professor, Angelina Espinoza-Limón, Research Fellow and Selja Seppälä, Research Fellow, University College Cork, Ireland
  • The path to autonomous driving by Sudha Jamthe, Technology Futurist and Ananya Sen, Product Manager and Software Engineer
  • Point of no return: Turning data into value by Jochen Werne, Chief Visionary Officer, Prosegur Germany and Johannes Winter, Managing Director, Plattform Lernende Systeme – Germany’s AI Platform
  • Robotic process automation and the power of automation in the workplace by Raj Samra, Senior Manager, PwC
  • Difficult decisions in uncertain times: AI and automation in commercial lending by Sean Hunter, Chief Information Officer and Onur Güzey, Head of Artificial Intelligence, OakNorth
  • The intelligent, experiential and competitive workplace: Part 1 by Peter Miscovich, Managing Director, Strategy + Innovation, JLL Technologies
  • Responding to ethics being a data protection building block for AI by Henry Chang, Adjunct Associate Professor, The University of Hong Kong
  • Legal issues arising from the use of artificial intelligence in government tax administration and decision making by Liz Bishop Barrister, Ground Floor Wentworth Chambers

Comment: Crypto regulation

The crypto market has become and will remain an undeniable part of our financial system and Germany has become the frontrunner in regulating the market

Jochen Werne

The German Act Implementing the Amending Directive on the Fourth EU Anti-Money Laundering Directive (Federal Law Gazette I of 19 December 2019, p. 2602 (Gesetz zur Umsetzung der Änderungsrichtlinie zur Vierten EU-Geldwäscherichtlinie) has included crypto custody business in the German Banking Act (Kreditwesengesetz – KWG) as a new financial service. Since the Act came into force on 1 January 2020, undertakings wishing to provide this service are required to apply for an authorisation from BaFin.

One of the prerequisites receiving the authorisation is the proof the the managing directors of an institution must be qualified and reliable and devote sufficient time to the performance of their duties (section 25c (1) of the KWG). This also applies for the conduct of crypto custody business within the meaning of section 1 (1a) sentence 2 no. 6 of the KWG. A managing director’s lack of qualifications will constitute a ground for denial of authorisation (section 33 (1) no. 4 of the KWG).

Aside from the fact that lifelong learning is a MUST for leaders in our rapidly changing technology-driven environment, the crypto regulation Germany has opted for underscores an important point: “The crypto market has become and will remain an undeniable part of our financial system.”

It was a pleasure participating with other executives of innovation driving companies and banks at the 1st Crypto Custody Certificate Course offered by WM Seminare.

The well balanced equilibrium between theory and practise makes the course valuable. Especially the expert speakers as Dr. Carola Rathke ( Eversheds Sutherland ), Veronika (Vicky) Ferstl (TEN31 Bank AG ), Dr. Sven Hildebrandt ( DLC Distributed Ledger Consulting GmbH ), Martin Kreitmair ( Tangany GmbH ), Dr. Tim A. Kreutzmann, LL.M. (SUN) ( BVI Bundesverband Investment und Asset Management e.V. , Jacek Trzmiel ( Coinfirm ) & Christopher Zapf ( Tangany GmbH )

https://www.bafin.de/EN/Aufsicht/BankenFinanzdienstleister/Markteintritt/Kryptoverwahrgeschaeft/kryptoverwahrgeschaeft_node_en.html

THE NEW REALITY OF MONEY

A historical-social innovation briefing for a world where military high-security standards meet digital crypto-assets

by Jochen Werne

Chief Development & Chief Visionary Officer PROSEGUR Germany

SAVE THE DATE

Strategy Summit B2B Sales & Key Account Management
5. – 6. October 2021

The aim of this contribution to the debate is to combine historical insights into the meaning of money with the latest technological developments in the digital age, to compare visions with realities and to develop options for action for shaping the digital transformation of money.

The 10 most successful bank robberies in human history, in which the equivalent of US$1.62 billion was taken at sometimes massive expense, seem like the work of amateurs compared to the US$3.78 billion taken by cybercriminals in 2020 alone. In a world where tech companies are spearheading campaigns to create a new cryptocurrency and bitcoin is surpassing the US$50,000 mark because a visionary electric car maker wants to recognise the cryptocurrency as a means of payment, some fundamental questions arise: How must money be defined in a digital world to reliably fulfil the characteristics of a universally recognised store of value and medium of exchange? And what changes will result if so-called stablecoins challenge the banks’ classic deposit business and their traditional business models?

Security briefing: When cryptos meet high-security facilities. State-of-the-art wealth custody trends.

SAVE THE DATE: 29 September 2021 – 11.30 a.m. Berlin Time

It‘s a great pleasure giving a keynote at the VÖB-Service GmbH #VSK2021 Conference and to discuss with financial industry experts fundamental questions about the FUTURE OF MONEY

The ten most successful bank robberies in human history, in which the equivalent of US$1.62 billion was captured at great expense, seem almost like the work of amateurs compared to the US$3.78 billion captured by cybercriminals in 2020 alone.
In a world where tech companies are spearheading campaigns to create a new #cryptocurrency, where bitcoin is surpassing the US$50,000 mark because a visionary electric car maker wants to recognise cryptocurrency as a means of payment, Jochen Werne, Member of the Executive Board Prosegur Germany, asks some fundamental questions. “How must money be defined in a digital world in order to fulfil the characteristics of a generally recognised and reliable store of value and medium of exchange?” Or also: “What changes are coming to the financial industry when #Stablecoins spread and challenge the classic deposit business of banks?”


In our stream Digitalisation at #VSK2021, Jochen Werne presents possible answers to these and other questions.


Be there and register today for the #Kreditwirtschaft congress on Wednesday, 29 September! 👉 https://lnkd.in/gMe2g59