Blockchain Can Improve Security for IoT Devices, Critical Infrastructure, and Online Services

Data breaches, password compromise, and identity theft are the bane of the modern digital age. Everybody that conducts any form of activity online has a digital identity that is usually proved with a username and password. Passwords however can end up being more of a hassle than a solution.

If your password is too simple, your online identity is not safe. If you use the same password everywhere, you run the risk that data breach on one service will make your identity on other services to be vulnerable. If your password is too complex, you can forget it and lock yourself out of important services at inopportune moments. If you don’t want to forget your password, writing it down on paper or on a file on your computer could cause it to fall into the wrong hands.

A new breed of tech futurists strongly believes that password technology as a means of identification and authentication is due for an overhaul. Now, forward-thinking tech enthusiasts believe that the key to keeping digital identities secure is the decentralized nature of blockchain technology. This piece provides insight into how blockchain technology can be a game-changer in the digital identity management industry.

hack-813290_960_720

Here’s how blockchain technology can retire passwords

REMME is one of the forward-thinking startups working on revolutionizing the identity authentication industry with blockchain technology. Founded in Ukraine, (frenemies with Russia), REMME knows first-hand, the crippling devastating effect of cyberattacks. In the words of Alex Momot, CEO of REMME, “I founded REMME three years ago, during a spell when cyber-attacks in my homeland were proliferating.”

In December 2015,  a successful cyber-attack on the Ukrainian power grid through unauthorized access to information systems more than  230,000 people without electricity for up to six hours. Ukraine has also suffered varying degrees of cyber-attacks from IP addresses allocated to the Russian Federation in the last couple of years.

One would have thought that state-owned resources would have sophisticated security systems designed to stop cyber-attacks. However, Alex notes that “it doesn’t matter how sophisticated the network access software is or how well it’s encrypted: so long as it’s reliant on a human typing in a string of characters they’ve memorized or stored “in a safe place” there is a serious risk of a system breach.”

REMME is testing out a blockchain solution that can authenticate users through a decentralized distributed public key infrastructure instead of the traditional password. With REMME, each device gets a unique SSL certificate, the identifier for each certificate is securely stored on the blockchain, a fake certificate will never work because the blockchain is inherently designed to prevent ‘double’spending’ of value.

To access a service, users will only need to choose the “Login in with REMME” option to verify their identity and access the services. Services that want an added layer of security can incorporate a 2-factor authentication system that sends authentication codes to existing apps (messaging apps inclusive) and corporate mobile apps.

REMME’s blockchain solution has the potential to retire passwords and eliminate the weak links that can be exploited for data breaches. With REMME, clients would have fewer reasons to be worried about phishing, brute force, keylogging, bucket brigade, server breach, keylogging, password reuse attack, and password breaches.

Blockchain authentication can revolutionize security in enterprise segments

The importance of secure authentication goes beyond keeping emails and services such as iCloud secure. Of course, individuals and businesses can lose money in relation to the direct and indirect effects of a data breach. However, the biggest dangers of a security breach and unauthorized access will be most keenly felt in enterprise segments.

Take the IoT (Internet of Things) market for instance, current username-password systems are grossly inefficient at enabling machine-to-machine communications. Hence, many of the IoT devices in the market use simple primitive technologies for identification. However, these simple login systems leave IoT devices such as self-driving cars and automated home systems vulnerable to hacking attacks. The dangers of a hacked car on the roads sounds unnerving; yet, a persistent hacker can compromise just about any car with any kind of internet connectivity to malfunction.

Critical infrastructures such as telecommunications, nuclear power stations, and traffic control stations are in need of adequate protection from hackers. Critical infrastructures are usually legacy, proven, and reliable systems that had been in existence before the proliferation of the Internet, when there were few reasons to be worried about hackers.

However, as the digital disruption continues to get underway, many of these critical infrastructures are getting internet connectivity as parts of efforts to make them more suited for the digital age.

However, the odds of successful cyberattacks on critical infrastructure are now high than ever before. Services such as REMME, could help service providers integrate advanced authorization platform to defend legacy systems from cyber-attacks and improve their security.