Today’s modern payment system can be thought of in three parts: Legers, Transaction Processors and Instructions.
Ledgers are an ancient technology that have not changed much over the millennia. The introduction of the block chain will change that. The innovation of the Block Chain is the ability to assure that a sequence of facts has not been tampered with and that the trust of the block chain is affirmed not by a single entity but the consensus of all contributors. Ledgers have always been exposed to risk from two sets of books, cooking the books, and single party trust. The block chain provides a new model after hundreds of years of keeping a simple list. The pace of innovation is very high and the modernization of the ledger is fully underway
Transaction processors provide the critical function of adding new transactions to the ledger. Transaction processors were the first point of digital innovation and have undergone significant change in the last 40 years – we have gone from an all human transaction model to an electronic one, from the store front to Amazon, from traders to electronic trading. Lost along the way was the old fashioned model of human trust. Computers have taken over as the transaction processors of the world providing updates to ledgers at a pace that enabled whole new models of business. In fact, automation has reduced the cost to post a transaction to such a small amount that we begin to think that transactions are free. The innovation of Bitcoin is the separation of control. The transaction processor (miners) and the block chain now distributed around the world are not run by the same trust entity. The result is the creation of a whole new model of a global account that is fully decentralized. The rapid Growth in Mining provides a foundation for a global transaction network that is independent of the user and the block chain.
Transaction Processors assure compliance with basic rules. In Bitcoin, the goal is to have systems where the rules are encoded into the miner and the Instructions. Today Bitcoin’s advanced capabilities rely on simple rule sets like Multi-sig to complex rules like Mastercoin and Ethereum. The power of the system is in the consensus trust model that reduces or eliminates the need to have faith in the miners to follow the rules. The consensus trust model is new and provides for fantastic forms of commerce. While there is a desire to impose central control over these systems the real power of Bitcoin is to stay true to a model of transaction processors that open.
Instructions are the starting point for any payment. The Instruction is where a human decision is transformed into an action for the payment system. Instructions are where Bitcoin has its greatest challenge. Prior to the introduction of computerized transaction processing all of the data was processed by data entry clerks, who provided a trusted human link between the human written instructions and the transaction processors. As computers became smaller, dedicated order entry systems where built on closed networks and the terminals became the point of Instruction creation or Point of Sale. For a significant period of time this worked but two more innovations upset the apple cart -the Internet, and the advent of E-Commerce. For the first time there where “non face-to-face” transactions with no human involved in the process. The loss of human interaction resulted in diminished trust and increasing fraud, yet market demand for e-commerce systems increased the volume of electronic transactions. The pressure to reduce cost and improve service is slowly replacing human supervision of a transaction to fully automated checkout. Bitcoin and Trusted Execution technologies are in a perfect position to modernize the payment model.
The transformation from a human to digital-trust-system has created the need for a new solution for the creation of instructions. The device manufactures have addressed this need by building devices that provide a trusted execution environment. The solution assures that the users Intent is properly verified and captured. Bitcoin provides the perfect opportunity to leverage the trusted execution model for the modernization of payment systems worldwide. The math behind the Bitcoin instruction is simple and very strong. The requirement to digitally sign the instructions with a user’s private key provides the point of integration with trusted computing standards and solutions. These simple primitives provide a path to the modern instruction.
The elements required to form a high quality instruction can be broken down into at least three main components: Collection of user intent, identity, and information. Trusted computing technologies provide the foundations to deliver these components.
• First collection of user intent. Simply put, this is the ability to properly collect from the user in a trustworthy manner permission for the system to have access to the user’s private key. Typically this is done by the user entering a password, pin or biometric to assure that the user is involved in the permission. The goal is to prevent theft of the PIN so that another user or a piece of malware can falsify the intent and create an instruction. The modern trusted execution environments now support trusted input on Phones, PCs and tablets. These new features provide a powerful role in protecting and collecting the user’s consent.
• Identity is the second component of a properly constructed instruction. The identity in bitcoin is the private key. The private key must be protected as it is the identity that is used to access the accounts and sign the instructions. If this identity is lost, then so is account access and anyone can sign an unintended instruction.
The private key must be protected from being copied or used by unauthorized programs. Using an Isolated secure device is the simple way to do this but is also expensive and annoying. These models are not the easiest for consumers to manage, and separate devices are consistently lost in the enterprise authentication market. There has to be a better way.
The trusted execution space on Intel and ARM devices provides a built in solution on the device the user already owns. Trusted execution provides a hardware level isolation of the private key and the logic to use the private key to sign an instruction. It provides the secure processing so that once an instruction is compiled and signed it cannot be altered in transit to the transaction processing system.
• The final component to create a secure instruction is to securely display the information contained in the instruction. Secure display provides the user assurance that the instructions have not been modified or compromised prior to transmission. It is critical that the information that is compiled into an instruction is the data the user intends. A secure display provides the trusted execution environment with the ability to properly display to the user the information that will be used in the instruction. In essence, this provides a secure biometric interface to the human that cannot be altered by the primary OS or any malware running on the device.
The secure instruction can be thought of as a simple robot (your device) enabling the process:
What do you want to do?
This is what you have instructed (secure display)
Please confirm (secure PIN)
Instruction is ready for sending J
The transition from a human trust model to a digital trust model is underway. High quality Instructions that are easy to create and are on the device we already own, will revolutionize the financial services market. Bitcoin and trusted execution provide the foundation for a modern Crypto based transaction processing system that has the efficiency of peer-to-peer transactions with the confidence of a securely formed instruction. It will take both technologies to get the benefits that are promised by this new system of transactions. As the number of users grows and the attack surface becomes more interesting. Trusted Computing is the perfect opportunity to deliver a modern interface for Bitcoin providing the user an easy, safe, and modern solution to transferring value in the digital world.
Image Credit: CC by Images Money