Blockchain in the PSD2 and Open Banking World

Blockchain in the PSD2 and Open Banking World

There is a common view that Blockchain is the answer to every IT (and other!) problem that is out there. Most of us have heard of Bitcoin which uses the Blockchain concept to manage a crypto currency, however, in this blog we will give a simple view of what Blockchain is and provide what is hopefully an understandable example of its use from the PSD2 and Open Banking world.

What is Blockchain?

There are many explanations available on the Internet describing very well what Blockchain is so we will simply describe the elements that we will use in this demo. Note that many see a Distributed Ledger Technology (DLT) to be an intrinsic part of any Blockchain solution, however, we will simply assume for the purposes of this blog that the transactions are within a DLT.

Blockchain is actually using a number of technologies that have been around for many years including hashing of data, to protect content, and ‘Public Key Cryptography’, to enable the data to be signed by a key owned by a specific person or entity. In the Open Banking world, there will be many transactions which debit money from an existing account and credit that to another account. The following is a reasonably simple example of a standard Blockchain built around such transactions:

blockchain-transaction-01

In the above example:

  • The Transaction is the data that represents the credit or debit made.
  • The hash, in its simplest form, is a mathematically created value based on:
    • The actual transaction data
    • The time of the transaction
    • The hash of the previous transaction (or 0 for the first in the block)
  • The transaction ‘Signature’ is created by using a private key only available to the person or entity signing the block.

What are the benefits of Blockchain?

It is clear that transaction records have been maintained and written for many years even before banking was done by computers, so what benefits does the Blockchain concept described provide?

  • A key to the technology is the immutability of the transaction once it has been created. This means that it can never change and if the data in the transaction is changed, this can be detected. Compare this to previous transaction records written to existing IT systems which can be changed given the appropriate access. This key property means that you can always believe the Blockchain data you read and can determine in a standard way if any of the data has been tampered with.
  • A second key part of the technology is the fact that when it is signed by your private key, it means that the transaction cannot be ‘repudiated’; essentially you cannot claim you did not agree to the transaction if your key was used to sign it.

While the non-repudiation statement above has weaknesses as keys can be lost, stolen or shared, the immutability property is very powerful. The strength of this is in two parts:

  • The first is the hash generated for the actual transaction record which ensures that the contents of that transaction record cannot be modified without invalidating the Blockchain.
  • The second is the fact that the hash from the previous transaction to the current transaction is also included in the current transaction’s hash means that there is also a sequence to the transactions that cannot be changed.

A Simple Example

Within Ostia’s sandbox simulation, it is possible to make a payment using the Open Banking Implementation Entity (OBIE) defined payments Application Program Interface (API). This operates real time on the accounts impacted by the payment whilst also writing a debit and credit transaction record for the payment. These transaction records are then accessible using the OBIE defined Accounts API. By implementing a simple block chain as described above, it can be ensured that this transaction data is never tampered with. Consider the following transaction list using the OBIE API:

blockchain-transaction-02

If we note the last transaction amount is €5. Now as we have access to the data, we can go behind the application and change that value to €6 as can be seen below:

blockchain-transaction-03

If the data is now refreshed on the real application, the following occurs:

blockchain-transaction-04

This specific application (or in fact any application) while reading the transactions can also validate the transactions using Blockchain concepts and will pick up the fact that the last transaction in the screen shot had been modified.

While this is a very simple example, it shows the power of what Blockchain can do. If you consider the many Third Party Providers will be creating transactions on behalf of a bank’s customers, having an immutable record by both parties could be a very clean way of establishing trust between them.

In the next article, we will discuss identity and the challenges that it raises for PSD2 and Open Banking.

           

Written by : Ostia Solutions