Blockchain Pros and Cons
With hackers growing more sophisticated every day, companies and their customers could benefit from some bulked-up cyber defenses.
Blockchain technology is one innovation trying to provide a solution against hacking and fraud, but its drawbacks may stall implementation for the foreseeable future.
“[Blockchain] is there; everyone is aware of it. It will pop one of these days, but no one knows how to insure it. It takes time for insurance to catch up because there’s no loss history,” said Jimmy Kirtland, VP, corporate risk management, Voya Financial, presenting on the topic at the RIMS 2017 conference in Philadelphia.
Currently, financial transactions are recorded through a central authority like a bank, which keeps one ledger for all parties involved. It provides a reliable record of ownership and asset flows, but it’s easily hackable. A cyber criminal only needs to gain access to that one ledger to place every party – and all of their transaction data – at risk.
Blockchain, on the other hand, is an example of a distributed ledger. There’s no central authority, and every participant has their own copy.
Brian Scarbrough, partner, Jenner & Block LLP, compared blockchain to “one giant interactive and global spreadsheet,” which displays real-time changes so every copy is identical, and which no single user controls.
The advantage of this distributed model is that it’s much harder to hack or manipulate.
In a blockchain model, transactions are organized into discrete “blocks,” which are time stamped, encrypted and linked to the previous block, creating the chain. Each block can only be added to the chain if there is consensus among participants that it has been verified.
Without consensus, no transaction is recorded.
So, if a hacker gains access to one of the local copies of the ledger and tries to retroactively change a transaction, it means he must also change every block that comes after that transaction. But that creates a split in the chain, and other participants’ copies will differ from the hacked ledger. Because consensus is required, the participants in a blockchain ledger would easily be able to identify and reject the change.
“Cryptography is used to validate and confirm transactions,” Scarbrough said.
Through complex mathematical equations, cryptography encodes transaction data. It also acts to cut out trusted intermediaries that normally do data verification and encryption.
“Cryptography solves the threat of multiple networks being hacked,” Scarbrough said. “Instead of trusting one central party, users trust a network of participants that keep each other honest through mass collaboration because they have to vote on each transaction to be added to blockchain, and cryptography aids that process.”
Blockchain technology, through its ability to track and store data including policy applications and renewals, can potentially help to streamline the underwriting process. Records of ownership could also prove useful in insurance disputes and in claims handling.
However, running encryption and decryption software 24/7 requires a lot of energy and resources.
“Running blockchain around the clock requires massive amounts of electricity and is very capital intensive,” Kirtland said. There is also a lack of mature infrastructure, lack of scalability, the potential for fraud through collusion, and unanswered questions around regulation and legality.
There’s also uncertainty around how cyber coverage would respond to failures of a blockchain system. Some cyber policies have only just begun to incorporate language addressing bitcoin, which is an example of blockchain technology.
“Running blockchain around the clock requires massive amounts of electricity and is very capital intensive.” — Jimmy Kirtland, VP, corporate risk management, Voya Financial
Bitcoin incentivizes people to invest their resources in the data mining and hashing necessary to keep blockchain transactions going by rewarding them with bitcoins. With other blockchain applications, though, incentives are still lacking.
As demonstrated through the number and participation of session attendees, blockchain is garnering a lot of interest, but brings up just as many questions.
Audience members had uncertainties around the technical aspects, and the technology’s exposure to hacking. But if the industry can gain clarity around those uncertainties, and if cost of implementation goes down, blockchain models could drastically change the way insurers and other financial institutions do business.
Additional stories from RIMS 2017:
Risk managers can use IoT for data analytics and other risk mitigation needs, but connected devices also offer a multitude of exposures.
Damage to brand and reputation ranked as the top risk concern of risk managers throughout the world.
Liberty Mutual appears to be the first carrier to create a workflow process for evaluating medical marijuana expense reimbursement requests.
Companies should focus on response, resiliency and recovery when it comes to cyber risks.
Carriers continue their vital role of helping insureds mitigate risks and promote safety.
New cyber model platforms will help insurers better manage aggregation risk within their books of business.