The Evolution of Digital Transactions

Today, digital transactions are so integral to our lives that we hardly even notice how pervasive they are. For instance, many automated service machines, such as those issuing transit tickets will only accept credit card payments. Furthermore, many people don’t even bother carrying cash anymore and there is obviously no other method of finalizing payments on e-commerce platforms. However, as normal as such financial transaction methods have now become, widespread adoption of digital transaction mechanisms, not only for financial transactions, but also for transacting other forms of data, are actually relatively recent developments. As the internet became more main-stream in the 1990s, so did the popularity of online banking, as well as online retail and payment services.

The blockchain distributed ledger technology is the newest innovation that has been garnering a great deal of attention for the past few years, so let’s take a look what goes on behind each digital transaction, as well as possible impact that real blockchain adoption would have on users.

So, what is an open digital transaction?

It encompasses the date of transaction, type of digital transaction, and good, service or currency being transacted, among others. An open transaction refers to one that is publicly available for review. These are provided by institutions or governmental organizations in order to provide a degree of transparency of their dealings to the public. Examples include data provided by the US Food & Drug Association (FDA). Rather than being live recordings, they are typically periodically released documents that show a snapshot of transactions over a fixed period of time. They cannot be edited and do not provide access to the original sources of the transactional data being shown. This is a necessary measure, so as to avoid the data from being hacked and edited by bad actors. However, it also entails a degree of trust between the supplier of data and the reader, as it is not the original source of the data and therefore open to speculation and doubt.

What is encrypted data?

Encryption refers to a type of digital security that establishes a link between the user and browser that enables data to be transacted and transmitted in a private, uncorrupted and complete format. This is accomplished through the data being encoded so as to only permit authorized parties’ access to the data, to the exclusion of unauthorized parties. This entails the data being converted into a string of unreadable coding that can only be decrypted by someone who has access to the correct private keys. You may have noticed this when you open a pdf file online and then try to copy/paste the information elsewhere, only to find that a bunch of gobbledygook appears instead. Authorized parties can only gain access to encrypted data by means of private keys. Users’ private keys generally comprise of at least two parts. Typical examples of this are the ‘user name’ and ‘password’.

Some Electronic Transaction Data Security Levels

Electronic transactional data refers to the digital record-keeping of transacted data. It minimally includes basic information such as time, location, type and content of a particular digital transaction.

Hashing

Hashing is different from encryption. It entails taking large amounts of data and condensing the data into a manageable, fixed size. However, these hash values are still very long, therefore making it extremely difficult for a hacker to correctly guess the decryption formula. Although most people are familiar with hashing thanks to crypto-jargon, hashing actually doesn’t originate with blockchain technology. Rather, blockchain algorithms offer a new method of hashing data in a way that is decentralized and, if the protocol’s are bug-free, fairly secure. But, even within the framework of blockchains, the way in which data is hashed depends on the type of algorithm used to hash the data.

Returning to the concept of hashing in general, hashing algorithms are programmed to be deterministic. This means that the data inputted will determine the data outputted. If the same data is inputted again, it should produce the same output. Therefore, in order to verify and access content, the user must have the correct software and digital signature. Hashing is good for authentication purposes, without requiring the exchange of sensitive information. The TLS and blockchain forms of hashing are described below:

Transport Layer Security (TLS)

This is the type of cryptography that is most common. In fact, anyone who has used the internet or any computer network has made use of some variant of it, with most users being unaware that they are doing so. This protocol is intended to provide both privacy and security for the data of all the users that are connected to network, regardless of the various types of devices that might form part of it. This is because, all data is transacted using symmetric cryptography, which requires the parties to use the same private keys to both encrypt and decrypt the data being transacted.

During the initial sign in, the user will generally need to enter the necessary details, as well as the desired password, unless they have already been allocated a user name and password by the host party, as sometimes happens with banks and other institutions upon registration. This data is then stored in their centralized network. It is meant to prevent attacks by third parties including mid-transaction interceptions, but there are actually numerous ways for hackers to manipulate and infiltrate the TLS infrastructure.

These include renegotiation attacks and CRIME attacks. Renegotiation attacks allow hackers to intercept digital transaction requests by splicing their own code into the initial request before it is received and verified by the server. CRIME attacks allow hackers to access sensitive data by obtaining the user’s browsing cookies.

Blockchain hashing

This is a form of encryption that allows for direct peer-to-peer digital transactions, thereby doing away with the inherent weaknesses of third-party transaction networks.

Blockchain algorithms are hashed according a particular blockchain’s protocol. This algorithm also dictates the volume of hashed data permitted in each block before the block is locked and the next block in the chain is initiated. This necessary due to the fact that this hashed data is stored in the blockchain, which is then stored and verified across the various nodes that form part of the blockchain network. If this data were hashed according to its original size, the collective data would soon be far too large for a single full-node to store the blockchain’s database, which would put an end to the usefulness of the chain.

Hashed data includes the transactional information, as well as the user and receiver’s private keys, wallet addresses, and so on. makes it much harder for third parties to hack encrypted data. This data is included in the hash, as that is how the digital signature is imprinted into the hash. This means that only those who know the correct private key and address will be able to access and decrypt the data that is locked in that hash. If a user only has the correct password, their node will be able to verify that the hash is correct and therefore that the user is authentic by comparing the hash against the blockchain’s database. Mining is a famous form of hashing implemented by blockchains such as Bitcoin and Litecoin by means of a Proof-of-Work (PoW) algorithm, however there are many others including Proof-of-Stake (PoS) and byzantine-fault-tolerances (BFT). But, these descriptions are beyond the scope of this piece.

While there are often weaknesses in blockchain protocols that can be exploited, it still has the potential to be the most secure method of data storage. This is why many major corporations and financial institutions such as IBM and Amazon are currently scrambling for patents and to actualize its potential across a variety of industries, including the medical and financial sectors, much to the dismay of blockchain purists who prefer for blockchain to be truly decentralized and open-sourced.