Showing posts with label FinTech. Show all posts

Wednesday, September 2, 2015

The Global Block Chain Ledger, as a Payment System for the Digital World


While we originally developed the "Block Chain Ledger" technologies to secure our cognition private Triple Entry Accounting systems, the growing interest in bitcoin-type blockchains has led to a focus on the opportunities that distributed Block Chain Ledgers in general could create, not in the crypto-currency world but in the existing world of “real” payments.

Having recently spent 4 months in London, where these activities are beginning to be taken seriously by the "big end of town", this blog looks at how a practical payments system might be created from our Global Block Chain Ledger "eco system". While the existing payments system examples are taken from the UK, they are essentially the same as, or similar enough to, the Australian environment and those of most other countries. The UK is simply way ahead of Australia in this area, across both Government and Private Industry, as demonstrated by the level of "real" investments being made each month in London alone. France is also very active in this area, but we will stick to UK examples.

The United Kingdom
At present in the UK, payments operate on separate ledger mechanisms which echo the past in terms of their structure. All existing core Payment Systems in the UK operate by settling the obligations from one of their Direct Participants to another across settlement accounts held at the Bank of England.   For those institutions that are Direct Participants in the Payment Systems, their settlement accounts at the Bank of England are normally directly linked to their Reserve Accounts (thus enabling them to participate in the Bank of England’s “Sterling Monetary Framework”).   At present, over 150 institutions hold Reserve Accounts at the Bank of England.

As such, it could be argued that these form the Central Ledger for £ Sterling and the account structures held within each of the participating Banks to keep track of their customers’ balances form separate “nodal” sub-ledgers.   A customer’s “nodal entry” balance may be positive or negative depending upon whether they are in credit, overdrawn or have authorised loans with that institution that exceeds their credit balance.
Collectively, it could then be stated that the daily payments between Banks on behalf of either themselves or their customers take place within a Closed Network Group of authorised institutions.   Unless the Central Bank has released “new money”, it remains a “sealed” Group operating within the total value of £ Sterling in existence.   As such, all daily transaction flows between those participating in the “eco-system” net out at the end of the day.   At its widest level, this eco-system encompasses all entities and systems which require the movement of £ Sterling to operate.

Payment Systems are currently the means by which the instructions to move monies from Banking Institution A to Banking Institution B (on behalf of their respective customers) are securely transmitted and processed. The UK currently has several, which reflect the differing means of money transmission; two examples are CHAPS, for real-time guaranteed High Value Payments, and Cheque and Credit Clearing, for when a paper instrument (the Cheque) is used by a customer as their instruction to credit funds to another party who banks elsewhere in the UK Banking System.

These payment systems therefore act as the interface between the “Central Ledger” and the “Nodal Ledgers” held at the Banks and other Financial Institutions who participate in the UK payment “eco-system”.  They need to be secure, trusted and resilient. Erroneous or illegal transfer instructions purporting to represent the wishes of a customer to transfer funds elsewhere cannot and must not exist.

The collective needs and wants of the various players participating in the existing UK Payments arena therefore mirror closely the underlying aspirational attributes of a distributed ledger system: a single, secure, trusted ledger mechanism where authenticated transfers between Financial Institutions and their customers take place legitimately and without impediment. This is basically identical to the Australian Payments System.

A lot of work and thinking is taking place within the UK Payments Industry at present to determine its future shape and strategy for the next 10 years. The core objectives of any new Payment System centre on innovation and the aspiration within the payments industry to consolidate a number of the payment systems and to operate to common data and message standards.

The question is whether any aspect of the logic backing the distributed ledger process could be brought into use as part of the forward looking payment system design.

Actually the solution is pretty straightforward when triple entry accounting and commercial Block Chain Ledgers are applied to the scenario above.

What if full Distributed Ledgers were held at the institutions that held authorised Banking Licenses, with legal authority for Settlement Finality still vested with the Bank of England as the repository of the Public Block Chain Ledger?  The two banking parties in a transaction on behalf of their respective customers would provide the authenticated bi-lateral adjustment on their own distributed Private Block Chain Ledgers; the transfers between the various Private Block Chain Ledgers would then be applied to each Private Block Chain Ledger, and also to the common Public Block Chain Ledger operated by the Bank of England. The Public Block Chain Ledger would be atomic and operate in real-time or in netted blocks, thereby representing the Deferred Net Settlement status currently present within existing Payment Systems.

The identical arrangements can be applied to two parties transferring funds between each other, where the Public Block Chain Ledger is now maintained by any entity with a Banking Licence.
As can be seen, each transfer is fully sealed by each party and the Public Block Chain Ledger, and ultimately by the Bank of England. The third leg of each triple entry accounting system (the Public Block Chain Ledger) is publicly available and hence can be verified by anyone anywhere at any time.
Of course the system could be adjusted to also support P2P transfers and also transfer anything of value, but let's stick with our payments system example for now.

Finality
What parties on either side of a payment transaction (Private Block Chain Ledgers) want above all else is certainty around the payment successfully taking place. In particular, that the payment will not be revoked. Whilst this is an obvious concern for the end beneficiary, at a systemic and commercial level, the risks go deeper than the simple question of whether the Payee has sufficient liquid funds for the payment to be successful and centre on whether multiple payments can be revoked owing to the Financial Institutions handling the payments becoming insolvent.

For the main UK Payment and Settlement systems, the means of protecting payments “in transit” is provided via their designation under the Settlement Finality Regulations. Specifically, payment and settlement systems that are designated may apply for protection against the operation of insolvency law for instructions entered into their system.

In the proposed payments system above, the triple entry accounting system (the Public Block Chain Ledger) operates on an atomic and instantaneous basis; the transaction, once sealed in the Block Chain Ledgers, cannot be modified or removed. As it is a Public Block Chain Ledger, anyone can validate this. By virtue of the application of the regulations, payments then effectively become final and irrevocable at the point in the system’s processes where settlement is deemed to have taken effect.

You may notice there is no mention of "mining" or any "crypto currencies" anywhere in the above description; it is all simple extensions to existing double entry accounting, and the application of secure crypto based technologies to form a Block Chain Ledger.

Of course one requires a complete "eco system" solution similar to the existing payments system for this to all be real, and this exists today. This includes a mandatory security policy that all keys must be protected and stored inside HSMs.

Simple, cheap and deployable, based upon incremental technologies for the Digital World, which could be used as the first truly Global Block Chain Ledger based payments system.

As I said at the beginning of this blog, we already operate a simpler form of discrete double entry Accounting Ledger.  The big step is to secure these with Block Chain Technologies and create the Public Block Chain Ledger. The Payment System would then become the network and rules mechanism by which the transactions would take place. The cryptographically secure audit trail of transactions conducted through the network, and made publicly available via the Public Block Chain Ledger, would represent the Payment System and would become, by default, the UK Payment Transaction Repository (PBCL), which could then be utilised as required by Government and law enforcement agencies, or in fact anyone, in terms of the data that it would hold.

Completeness: the payments protocols use industry standard web services with a Turing-complete specification (BPEL4WS), to ensure the integrity of the payments system protocols.

This blog provides insight into how Australia and the existing payment system participants could leap-frog one or more interim steps to the next level of evolution, and become part of a truly Global Block Chain Ledger, for the benefit of all of society, all based upon Australian developed technologies.

Also see
Secure Global Digital Identity, for the Digital World
Identity Theft and Digital World
Free hardware generated and protected Bitcoin/BlockAuth ECDSA Private keys.
Decentralized Authentication
Global Public Block Chain Ledger Navigation

Sample Payment Block Chain Ledger
[{"BlockNo":"ac829616-d093-44d9-92f1-8d44e9ef1453",
"BlockSin":"20014dc33d149ef0335226a0ce3afb18dfc2be6c1abd23c8c0b9",
"BlockParent":"00000000-0000-0000-0000-000000000000",
"BlockSignature":"MHECIQDOMvt89PxftUyE1sxn074sO1ruClqVntsTw9CbHQKTowIga8oqg0A9ztEPUCDSREEN+mBJgXEKo1G3CL8guFsc6FUCARQCBFX8fj0EIQMHRLPlFdxfpbGDgSLog4tk3Gk94Sm03BWQwGseyMfrtw==","BlockVersion":1,
"Trandate":"20150918T00:00:00",
"Currency":"AUD",
"BaseCurrency":"AUD",
"FxRate":1.000000,
"Debit":15.0000,
"DebitRefNo":"ac829616-d093-44d9-92f18d44e9ef1453",
"DebitSin":"2001211faeb505284fd79d04cf5fd012b42ec79411632b97f075",
"DebitSignature":"MHECIQDpREZEPVbYiaashbkT6FgpRRAzhnPYZUfkfDdTrpLL+AIgcfd2bJtsS38hTdguVvzniB4vSh6WFuX9rWzdaz6s4tICARQCBFX8fj0EIQJIs2HIbbv85aP8lOnA4APvwOXwD2781fT5mR+xftQz4A==",
"Credit":15.0000,
"CreditRefNo":"ac829616-d093-44d9-92f1-8d44e9ef1453",
"CreditSin":"2001a8562a2393f2f9cf1f794844fdcd83d5d4cadfd0cce65bf9",
"CreditSignature":"MHICIQCmHEqQ1GbOdD3en5Pq73CYaq6x3cVLWX8jqLwCub87YgIhAPQLjPZds49boBSXCyqZnti3ICF1gLG0xwHzLI1V6OISAgEUAgRV/H49BCEDneGerUuk/Jb1OEurOXAw1MlWB6M5XjG51g9Ceg2ncug=",
"AuditSin":null,"AuditSignature":null},
{"BlockNo":"a4ae7977-07b8-4b02-b1b0-9eddbc2eadf5",
"BlockSin":"20014dc33d149ef0335226a0ce3afb18dfc2be6c1abd23c8c0b9",
"BlockParent":"ac829616-d093-44d9-92f1-8d44e9ef1453",
"BlockSignature":"MHICIQCfl3iIYF5zsk48e0lct0Rq7PRpNK0R95l5P3IU6RuohgIhAOFnE8ol9CR0lHuHLS/mFdoQv9OHpk6fJvo/EF0R+SWGAgEUAgRV/H4+BCEDB0Sz5RXcX6Wxg4Ei6IOLZNxpPeEptNwVkMBrHsjH67c=",
"BlockVersion":1,
"Trandate":"2015-09-18T00:00:00",
"Currency":"AUD",
"BaseCurrency":"AUD",
"FxRate":1.000000,
"Debit":10.0000,
"DebitRefNo":"97eefa29-00b6-4b15-a914-19dc05cc8b12",
"DebitSin":"2001211faeb505284fd79d04cf5fd012b42ec79411632b97f075",
"DebitSignature":"MHECIHCt7wQquk4xGEhgZHv4ZvxzJ6PODVuQSCjcEsgRaxYOAiEA6uTpQfrxcZwbLYpLqh0zyv2XQr5LEe1kTfG9ozx6+7wCARQCBFX8fj4EIQJIs2HIbbv85aP8lOnA4APvwOXwD2781fT5mR+xftQz4A==",
"Credit":10.0000,
"CreditRefNo":"b32b66ee-a46f-46fe-a293-302f106936c7",
"CreditSin":"2001a8562a2393f2f9cf1f794844fdcd83d5d4cadfd0cce65bf9",
"CreditSignature":"MHACIDlsBZI+NlG46z38okOLPLBERCOg8admBBwaDzP1YcN9AiBn+ex7efF/tnh6T8oGMzqI4eiKuxrEbr/xCWbEoSc+egIBFAIEVfx+PgQhA53hnq1LpPyW9ThLqzlwMNTJVgejOV4xudYPQnoNp3Lo",
"AuditSin":"20018d8cf3eaa3e5303209bea96aadf52cb11bda668f191e035b",
"AuditSignature":"MHICIQCZfz42LWmZU2YTBNNogMIEZ0+LdcJGSVDnTJzvdyTUXgIhAIFr+9BY0OUL4fHLneJK0uB6GjdSS0ikaw5PFXEvp5DEAgEUAgRV/H4+BCED++O40gs13qplV0IZG4RfMrLvK/Qn96B5tMEzIC0p8GY="}]

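A ledger in the format shown above can be checked structurally before any signature is examined. The following is an added example, not the author's or the project's code: it checks that each BlockParent points at the previous BlockNo, that the Debit and Credit legs balance, and that every leg carries a Sin and a base64 signature, then nets the positions per SIN to confirm they sum to zero. The input is a constructed ledger that reuses the page's field names with placeholder SINs and signatures; the FxRate rule and the sign convention are assumptions, and signatures are not verified because the page does not give the signing scheme.

```python
import base64
import binascii
import json
import uuid
from collections import defaultdict
from decimal import Decimal

GENESIS_PARENT = "00000000-0000-0000-0000-000000000000"  # BlockParent of the first block
SIGNED_LEGS = ("Block", "Debit", "Credit")  # each leg has <leg>Sin and <leg>Signature


def _is_uuid(value):
    """True only for the canonical 8-4-4-4-12 hyphenated form."""
    try:
        return str(uuid.UUID(value)) == value.lower()
    except (ValueError, AttributeError, TypeError):
        return False


def _is_base64(value):
    if not isinstance(value, str) or not value:
        return False
    try:
        base64.b64decode(value, validate=True)
        return True
    except (binascii.Error, ValueError):
        return False


def _load(text):
    # Decimal keeps money amounts exact instead of using binary floats.
    return json.loads(text, parse_float=Decimal, parse_int=Decimal)


def validate_ledger(text):
    """Return (block index, finding) tuples; an empty list means structurally sound."""
    findings, seen, expected_parent = [], set(), GENESIS_PARENT
    for i, b in enumerate(_load(text)):
        no = b.get("BlockNo")
        if not _is_uuid(no):
            findings.append((i, "BlockNo is not a canonical UUID"))
        if no in seen:
            findings.append((i, "duplicate BlockNo"))
        seen.add(no)
        # Chain linkage: a removed, reordered or inserted block breaks this.
        if b.get("BlockParent") != expected_parent:
            findings.append((i, "BlockParent does not reference the previous block"))
        expected_parent = no
        # Double entry: both legs of one block must carry the same amount.
        debit, credit = b.get("Debit"), b.get("Credit")
        if not isinstance(debit, Decimal) or debit <= 0 or debit != credit:
            findings.append((i, "Debit and Credit must be equal positive amounts"))
        # Assumed rule: a same-currency transfer has an FxRate of exactly 1.
        if b.get("Currency") == b.get("BaseCurrency") and b.get("FxRate") != 1:
            findings.append((i, "FxRate is not 1 for a same-currency transfer"))
        for leg in ("Debit", "Credit"):
            if not _is_uuid(b.get(leg + "RefNo")):
                findings.append((i, leg + "RefNo is not a canonical UUID"))
        # Presence and encoding only; no cryptographic verification is done here.
        for leg in SIGNED_LEGS:
            if not b.get(leg + "Sin") or not _is_base64(b.get(leg + "Signature")):
                findings.append((i, leg + " leg is missing its Sin or a base64 signature"))
        if (b.get("AuditSin") is None) != (b.get("AuditSignature") is None):
            findings.append((i, "AuditSin and AuditSignature must be set together"))
    return findings


def net_positions(text):
    """Net movement per (SIN, currency). Assumed sign convention: debit leg
    counts negative, credit leg positive, so a closed group sums to zero."""
    net = defaultdict(Decimal)
    for b in _load(text):
        net[(b["DebitSin"], b["Currency"])] -= b["Debit"]
        net[(b["CreditSin"], b["Currency"])] += b["Credit"]
    return dict(net)


def _sample_block(no, parent, amount, audited=False):
    # Constructed block: placeholder SINs and a placeholder signature value.
    sig = base64.b64encode(b"constructed-placeholder").decode()
    return {"BlockNo": no, "BlockSin": "SIN-LEDGER", "BlockParent": parent,
            "BlockSignature": sig, "BlockVersion": 1,
            "Trandate": "2015-09-18T00:00:00", "Currency": "AUD",
            "BaseCurrency": "AUD", "FxRate": 1.0,
            "Debit": amount, "DebitRefNo": no, "DebitSin": "SIN-PAYER",
            "DebitSignature": sig,
            "Credit": amount, "CreditRefNo": no, "CreditSin": "SIN-PAYEE",
            "CreditSignature": sig,
            "AuditSin": "SIN-AUDITOR" if audited else None,
            "AuditSignature": sig if audited else None}


B1 = "11111111-1111-4111-8111-111111111111"  # constructed identifiers
B2 = "22222222-2222-4222-8222-222222222222"
SAMPLE = json.dumps([_sample_block(B1, GENESIS_PARENT, 15.0),
                     _sample_block(B2, B1, 10.0, audited=True)])

if __name__ == "__main__":
    print("clean ledger findings:", validate_ledger(SAMPLE))
    tampered = json.loads(SAMPLE)
    tampered[1]["Credit"] = 9.0                   # unbalance the second block
    tampered[1]["BlockParent"] = GENESIS_PARENT   # detach it from the chain
    for finding in validate_ledger(json.dumps(tampered)):
        print("tampered ledger:", finding)
    print("net positions:", net_positions(SAMPLE))
```
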



Disclaimer The contents of this site should not be understood to be accounting, taxation or investment advice but rather as general product related educational information that may or may not meet your specific requirements.

Tuesday, September 1, 2015

The Unbanked, in the Digital World...

For most Australians, not having access to banking, credit and debit cards is almost unthinkable.
Yet most citizens in Asia, Africa, Latin America and the Middle East continue to transact with cash and coins; the closest they come to banking services is Western Union.

They are the world’s unbanked, who have minimal contact with banks and financial services. Though the unbanked make up about half of the world’s adult populace today, emerging financial technology like Public Block Chain Ledgers and associated payments technologies are leading the way to bring financial inclusion to the unbanked, right on their "Mobile Phone".

Today the unbanked stand at 2.5 billion people. Across the regions from Africa to Asia, rural farmers, women, the poor and the youth make up the largest pie of the unbanked. They grapple with the lack of access to proper banking infrastructure, tedious documentation and paperwork requirements, resulting in financial exclusion from the global financial economy.

All that is about to change, according to Managing Director at VillageMall, Charles Moore, the pioneer of Block Chain Ledgers and infrastructure. With the global investment in the burgeoning fintech sector showing significant growth of $1,273 million to $4.1 billion from 2008 to 2014, digital payments for the unbanked have increasingly become a focal point for traditional banks and fintech startups to approach the money economy in a different light.

The objective is for the unbanked to remit, save, transfer, loan and purchase goods and services using mobile technologies, not new currencies. Developing a new currency, with all the political and social acceptance that requires, simply takes too long; the urgent need is today.
Many startups don't understand that money, credit, banking and finance are ultimately tied to trust; there is no point in a disruptive technology that does not address social "trust".
The solution requires a secure global ecosystem, which includes services for secure Global Identity that still work when there are no traditional forms of identification. The solution must allow participation in the global payments framework, including meeting the AML requirements when they apply. To drive down the costs, this solution cannot be yet another orphan solution, but must be part of a single global ecosystem, with fit for purpose social trust mechanisms. This is no easy task, and one which traditional banks have not achieved in the last century.

The Unbanked and Mobile Money
In Australia's closest region, Southeast Asia, there are 270 million unbanked citizens, many of whom already have access to mobile phones. The Philippines is high in mobile penetration and known to be the third largest remittance market. Several telcos and banks in Asia, having anticipated the dawn of mobile banking for the unbanked, introduced traditional mobile wallets for daily transactions to citizens early on. Yet the only innovation is via start-ups experimenting with crypto-currencies like bitcoins for mobile financial services without the need of banks or other established financial platforms. These approaches have significant risks, while the traditional banking and credit card companies simply protect their monopolies.

The first observation is that a new currency is simply not required to empower the unbanked of the world, as noted by Charles Moore.

What is required is a Global Payments system based upon a Global Secure Public Block Chain Ledger, with the integrated secure Global Identification system which does not disadvantage the unbanked of the world.

Today, transaction, operation and processing fees are charged to consumers and merchants for financial services. Low-income earners, whose annual salaries can usually be counted in hundreds of dollars, grapple with the high cost of bricks-and-mortar transaction and remittance fees.

Fintech start-ups are thought to be more robust and flexible with their operations and thus business models. As a result, the unbanked – consumers and local merchants alike – save on costs. Consumers are able to carry out mobile banking at a fraction of a fee, in many cases these can be totally free. In turn, merchants save on transaction charges, monthly or annual rental fees on top of installation and set up terminal fees.

Unlike fintech start-ups, traditional western banks have expanded through acquisitions over the years. Banks have tended to bolt new systems on to existing ones, rather than undertake the more disruptive and costly process of fully integrating them. Hence responding to these challenges is hard for banks, many of which have vast IT systems dating back to the 1960s and 1970s that are prone to problems (see almost monthly bank system outages, some lasting for days!) and expensive to maintain. Furthermore, as people check their accounts more regularly on tablets and smartphones, it puts additional strain on those systems. The fundamental issue remains, commercial banks still find it hard to offer banking services to poor people and still turn a profit.

Yet many fintech start-ups misunderstand that banks still play a dominant role in the global payments, and that a significant part of the fee structures are imposed from regulatory frameworks which are also outdated.

What is needed is a "fit for purpose" Global Solution for everyone.
Without disruptive technologies like the Public Block Chain Ledger, the unbanked will continue to grapple with remittance and conversion fees charged by transfer agents like Western Union, which can cost up to 8.5 to 10 per cent of funds transferred. Banks and credit card providers typically take from 3 per cent for all FX transactions, plus merchant fees; this is out of place even in First World countries. The true incremental transactional cost is close to zero in a Digital World, with instant, atomic transactions and zero settlement risk, all typical of modern Block Chain Ledger technologies.

It is simply immoral to take the person’s entire income for the cost of implementing and the transaction process; merchants selling by the roadsides cannot afford to pay for such technological payment, said Charles Moore.

Financial inclusion for the unbanked is said to have a potential to plough in as much as $23 billion to $73 billion into the Asian economy by 2030.

With mobile phone penetration increasing yearly and the number of Internet users increasing at 16 per cent annually, certainly there is much hope for Asia’s unbanked.

The only question is whether Australia will play any part in this opportunity on our doorstep, or whether we will continue to invest only in "property", which produces zero national wealth for anyone other than speculators.

The opportunity is now, with the release of the world-first Global Block Chain Ledger technologies and infrastructure in Australia today. It is the only FinTech solution exclusively protected by hardware generated and protected next generation Elliptic Curve technologies, and yes, hardware backed keys are provided free to the unbanked citizens who wish to participate in the Public Block Chain Ledger.

Contact us, to be part of this exciting pathway, and help build a future for Australia, within the Global Digital World.

Get your secure Global Digital Identity, with Australian AML support today, and start to change the world for the better.

If you are an existing Australian Bank Customer, ask them about certifying "your" Global Digital Identity, as you have already gone through the AML process once; it's time for you to take control of your Digital Identity.

Also see
Secure Global Digital Identity, for the Digital World
Identity Theft and Digital World
Free hardware generated and protected Bitcoin/BlockAuth ECDSA Private keys.
Decentralized Authentication
public-block-chain-ledger-navigation





Wednesday, June 17, 2015

Free, Real-time Gross Settlement system (RTGS) for everyone, with a mobile phone.

Today, "money" is in all cases a bag of bits within a computer system; gone are the days of bank vaults, guards or burglar alarm systems. Money is today sent for close to zero incremental cost between computers. The real costs involved in monetary payments are securing the 100+ year old double entry accounting systems, and the mass of clerks and auditors who keep "payment systems" and decade-old payment networks like SWIFT running and manage the risks associated with any losses. To be fair, there is a "significant" regulatory cost imposed on banks and payment systems as well, but these do not match the excessive payment fees which exist today; this is what creates the opportunity. If existing financial institutions offered a free payment service, or close to cost, once they isolated or upgraded their old world insecure accounting systems, then a new global service would get wind in its sails. The system proposed herein is the next generation of Real-time Gross Settlement Systems (RTGS), where all transactions are atomic, instantaneous and irreversible, and have the ability to execute in a distributed orchestrated data and processing environment, including P2P, even if P2P is not the most likely first commercially deployable option.

Back to reality
An observation: there are "significant" amounts of money going into bitcoin related "block chain" activities, which will never become "verbs" such as to "Google" or to "Xerox". There are no truly disruptive technologies evident in this space, which is probably not surprising given the focus on banks and their involvement, combined with the massive amounts of profits made from processing payments today. A free payments system is simply not on anyone's agenda; it is typical to see recent graduates as heads of Banking block chain groups, or it is a part time activity for the non executive banking staff.

Like most entrepreneurs, one looks to the "big vision" which can "change the world" and make life better for all. Making money comes as a by-product of achieving the "vision" or getting as close as possible, a fundamentally different view of the world from that of the typical banking executive.

The Bill Gates foundation has spent billions trying to solve third world health problems, such as malaria; a free payments system which creates wealth for individuals can more effectively address third world health issues than any cure. Poverty underpins many third world health problems.

There is a saying, "Teach a man to fish and he can feed his family forever"; in this case, enabling third world populations to securely participate in the global economy will, we envisage, bring lasting change for the better for everyone. The "Vision".


Hence if payments are the focus, rather than a total "Block Chain Ledger for Everything" solution, a vision which is consistent with, and a subset of, the Secure Block Chain Ledger Vision is a world with a fully decentralised and totally free payments system which is available to anyone who has only a mobile phone.






If one looks at the bitcoin network, it by design drives up the cost of each transaction; some say it sits at ~$10 per transaction today. This is totally the wrong approach; it's this basic.

Considering the references listed below, if one combines "triple entry accounting", the Private and Public Block Chain Ledgers, Secure Identification Numbers (SIN) and, lastly, BlockAuth, then the implementation of a secure payments system becomes very simple, especially as almost all of the technologies required exist as freely available software today. To support a wide range of eCommerce, the same protocol supports orders and invoicing as well as payments; the two should not be separated.

As all public Block Chain Ledger entries are atomic and instantaneous, and in reality have close to zero incremental cost, all payments should also be free; this underpins the vision.
We expect the wide availability of free payments to have the potential to increase the GDP of many third world individuals and countries, and lead to an improvement in the wealth of all.

Today Cloud Accounting for sole traders and Superannuation Funds is free; no-one needs to pay for accounting software, so why not free payments as well?

This result will be truly disruptive to the existing old world, when combined with a fully decentralised Public Block Chain Ledger, and secure payment protocols, making use of the almost universally available global mobile phone platform and free software.

Key Features
  • All payments less than a threshold, say $10,000 are Free
  • Real-time, atomic, cryptographically secured, fully decentralised Public Block Chain Ledger, participating in "Triple Entry" accounting ledger protocols.
  • Explicit for FX transactions as required, no explicit gateways or exchanges required.
  • All transactions appear instantly on the distributed Public Block Chain Ledger
  • Requires only a mobile device with internet access; lightweight data usage
  • Suitable for both first and third world participants, bringing the existing disenfranchised populations into the commercial world.
  • Supports payments to and between individuals who lack first world bank accounts or  identification
  • Based upon well known double entry accounting systems, with addition of secure Block Chain Ledger technologies. Private Block Chain Ledgers do not need a single or standard technology solution set, only that they can publish and participate in supporting the global distributed Public Block Chain Ledger protocols
  • Reuse of as much bitcoin technologies and available free software as possible
  • No bank account required
  • Scalable from micro payments through to any value, recognising there may be additional measures required to address additional risks or compliance requirements.
  • Supports anonymous and non anonymous payments via SIN and SIN attributes.
  • Non anonymous SIN required for all transaction amounts above $10,000.
  • Support for commercial Orders and Billing within common payments protocols
  • Any taxation is held within the Private Block Chain Ledgers, all payments are considered tax free as is the case today.
  • Makes use of IMEI within Mobile device SIM cards.
  • Practically unlimited value is capable of being held within the distributed Public Block Chain Ledger; there are no hard protocol limits, as there are no limits within the underlying double entry accounting systems. No wealth or money is created within the Public Block Chain Ledger or payments system.

What about Banks
What do financial institutions want?  Cryptographically verifiable settlement and clearing systems that are globally distributed for resiliency and compliant with various reporting requirements.

What role would banks play in a distributed free value transfer world?
Banks can continue with their existing functions, especially in the early stages, but are not a fundamental element of the solution space, especially for sub $10,000 value transactions with SMEs involved in  B2B, C2B and C2C type payments. In fact banks can use these same underlying technologies to bring their own ledgers into the modern digital world we all live in.

They also play a role in the Secure Identification Number (SIN), when there is a requirement for non-anonymous attributes being applied to the SIN, to support a range of commercial payments and regulatory frameworks, but as above this is not a mandatory element of the solution. Other providers will appear over time (like market place "ratings", etc.); all variations of SIN attributes are supported. One of the objectives is to support payments from people who have no bank accounts and no first world identification, and are locked out of participating in global eCommerce today.
The one place where banks will still maintain a dominant position is the supply of "cash", most likely via ATMs for the various local communities. We don't envision the total replacement of "cash" and do not see anyone removing the dominance and convenience of ATMs; we would hope that they can be integrated into the free payments network, even if "cash" dispensing will probably never be free.

Banks also have significant risk management expertise, and in many cases this is a requirement of a successful transaction, especially as the transaction value increases.

But banks are optional parties within any payment transaction; it is the participants' choice. In any decentralised solution, opt-in is always the prime objective.

Why Mobile Phones
In many third world countries, without any banking or credit card systems the only technology that exists is a mobile phone.

Many of these countries rely almost entirely on services like "Western Union" to provide universal, basic and not free money transfer and payments; Western Union is the practical "currency" in many countries.

Many developing countries have encouraged mobile phone companies to invest in infrastructure; the story of a home without any electricity, but with a solar charger for the family's mobile phone, is not something unique today. Hence it is an obvious choice to base any global universally available payments system on this infrastructure.

Why the existing RTGS system is broken and cannot get anywhere close to Free
The answer is obvious; refer to the figure below, it's nowhere close to KISS.




The Solution, Key Technologies
  1. Hardware secured and protected ECDSA and ECDH keys and key chain (July 2015)
  2. Secure Wallets on mobile devices (mostly available free today, just needs linkage to hardware key chain above).
  3. Secure Private Block Chain Ledger (available today)
  4. Secure Public Block Chain Ledger (available today)
  5. Secure Identification Number (SIN) (complete infrastructure operational today)
  6. SIN attributes for non anonymous transactions (available today)
  7. BYOD management for device compromise (available today)
  8. BitAuth between key chain and mobile device (available today)
  9. Scalable, algorithm agile eco-system (available today)
  10. Payments protocol (in development)
A new and exciting world is almost here.

Reference Implementation
In the reference implementation, using a commercial hash keyed database, ~10,000 blocks per second could be processed. This is for each of the distributed PBCL nodes within the PBCLs; hence the total processing of the PBCL is practically unlimited. The reference implementation also supported ~5,000 read operations; this asymmetry is typical of commercial databases.  The performance is relatively independent of the number of transactions in the distributed PBCL, up to the tested 1 Billion transactions. Due to the decentralised nature of the PBCL, this poses no technical transaction processing limitations, and should easily exceed any existing global payments system.
All transactions within the PBCL are atomic, instantaneous and irreversible.

Performance Comparison:
·         Bitcoin 7 tps
·         PayPal 115 tps
·         PBCL 10,000 tps for each PBCL node, unlimited across the global PBCL
·         Visa network <56,000 tps

Storage Comparison
·         Bitcoin, at very high transaction rates each block can be over half a gigabyte in size
·         PBCL typically less than 500 bytes per transaction



References
1. Free hardware generated and protected Bitcoin Private key and key-chain.
2. Identity Theft and the Digital World.
3. Triple Entry Accounting , and Block Chain Ledgers
4. BitAuth, Decentralized Authentication for the mobile digital world


Disclaimer The contents of this site should not be understood to be accounting, taxation or investment advice but rather as general product related educational information that may or may not meet your specific requirements.

Friday, June 12, 2015

BlockAuth, Decentralized Authentication for the digital world.


BlockAuth is a new light weight, password-less authentication protocol, based on the same cryptography used in the bitcoin protocol. It eliminates centralised, server-side storage of shared secrets and drastically reduces the impact of a compromised server. While designed to support a Block Chain Ledger within a range of financial transactions, it can be applied to any existing or future Internet based system requiring secure authentication, especially on mobile platforms.

The majority of computer and internet authentication systems today are based upon username and password pairs. The username is a unique identifier (usually an email address); the password is the shared secret between the user and the system to which access is being granted. Some of the more security conscious systems (HSBC, BofQ, Amazon, Google, etc.) offer an additional one-time-password, usually based upon something one "has", to form an authentication triple.

The problem with these, and other systems, is the need to share and protect a secret, and the aggregation of these secrets within a centralised system:
  • all smart cards need a shared secret key (typically a DES key) loaded: CC, SIMs, etc.
  • MFA and all one-time-passwords need a shared "seed" secret
  • passwords are a shared secret

BlockAuth is a way to achieve secure authentication using the same elliptic-curve cryptography as Bitcoin. Instead of using a shared secret, the client signs each request using a private key, and the server checks that the signature is valid and matches the public key. A nonce is used to prevent replay attacks and provide sequence enforcement; every BlockAuth signature is unique.
BlockAuth additionally supports mutual authentication between the client and the remote service.

BlockAuth is designed as a light weight, secure authentication service which leverages the Bitcoin free software base, albeit with commercial EC curves, to allow mobile platform applications (APPS) to mutually authenticate with a wide range of internet accessible services or peers.

BlockAuth makes use of a Secure Identification Number, or SIN: a fully decentralized, anonymous, secure identity based on the same bitcoin ECDSA key pair. The SIN is an integral part of BlockAuth. The SIN supports both persistent and ephemeral identifiers, as well as the ability to opt out of anonymity as required. The SIN can be given to any number of remote services, and there are for all practical purposes an unlimited number of SINs for each client. The SIN is analogous to a bitcoin address, as it takes the following form: base16check( 0x01 + ripemd160( sha256( pubkey ) ) )


Typical authentication flow..
Client Application-> Server
  1. SIN Registration: register your SIN with the remote service using a mechanism of your choosing; generally, this takes place with client registration
  2. Submitting Requests: requests are made over HTTP, with an x-signature:
    1. generate a unique, unix timestamp
    2. include nonce in your request
    3. concatenate and sign URI + BODY with your private key, and provide it in x-signature
  3. Remote Service: 
    1. extract the public key from the ECDSA message signature
    2. verify the signature
    3. compare the public key against the registered SIN
    4. Compose Response using similar form to above, but with remote Service details.
    5. Response Body to include an optional expiry, pairing codes
  4. Receiving Response: 
    1. extract the public key from the response ECDSA message signature
    2. verify signature
    3. compare the public key against the Remote Service SIN received at registration.
    4. Store any one-time use pairing codes
BlockAuth Detached, Time Stamped, Signature
Based upon the international standard DER signature, extended with the addition of "curve" and "timestamp" field elements. These extensions are downgrade compatible with the standard DER signature. This signature is also used within our Secure Block Chain Ledger, so it can be utilised across multiple solution sets.

The timestamp field has several objectives, a) as the nonce, b) as a distributed, higher sequence number, c) as an expiry stamp for any key compromise processing, d) secure time stamping service for the signature. The time-stamp is appended to the message hash and hence bound to the signature.
The curve field supports our algorithm agility.

As a detached signature, this design can support the application of  multiple signatures if required.

The BlockAuth signature carries the public key. This removes the requirement to find the public key and allows secure linkage to the SIN attributes as part of any transaction processing.

DER ECDSA Extended Signature
C# Example Code
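// Requires the BouncyCastle C# library.
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Math;

// r, s:                      ECDSA signature values
// version, unixtime, pubkey: BlockAuth extension fields
// The recovery id (recId) is not written by this encoder.
// BytesToHex is a hex-encoding helper that is not shown here.
static string EncodeXSignature(BigInteger r, BigInteger s, BigInteger version,
                               BigInteger unixtime, byte[] pubkey)
{
            using (MemoryStream der = new MemoryStream())
            {
                DerSequenceGenerator seq = new DerSequenceGenerator(der);
                seq.AddObject(new DerInteger(r));
                seq.AddObject(new DerInteger(s));
                // extensions
                seq.AddObject(new DerInteger(version));
                seq.AddObject(new DerInteger(unixtime));
                seq.AddObject(new DerOctetString(pubkey));

                // Close() writes the finished SEQUENCE into the stream.
                seq.Close();
                return BytesToHex(der.ToArray());   // the x-signature value
            }
}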


Example
pubkey:
"02326209e52f6f17e987ec27c56a1321acf3d68088b8fb634f232f12ccbc9a4575"
SIN:
"Tf3yr5tYvccKNVrE26BrPs6LWZRh8woHwjR"
x-signature: 
"304d02207693ad890971718ac5061a9abfdc2a699835e01cb296da8102a6b7d3c7b77e45022009f2b47605c01453d683ef4995660dcaff6e9927864d1bb016af67dc2787f40902011c0204557c38b2"

Note: Hex is used for clarity above, normally base64 encoding would be used for all byte[] structures.
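The server-side structural checks on the example x-signature above, as an added example (not code from the post or from the BlockAuth implementation): a strict DER decoder for the extended signature plus the per-SIN replay and sequence check on the signed timestamp. The field name `ext` for the third INTEGER, the 300-second skew window and the `NonceTracker` class are assumptions; ECDSA verification itself is not shown.

```python
import time

# x-signature copied from the example in the post (hex form).
EXAMPLE_X_SIGNATURE = (
    "304d02207693ad890971718ac5061a9abfdc2a699835e01cb296da8102a6b7d3c7b77e45"
    "022009f2b47605c01453d683ef4995660dcaff6e9927864d1bb016af67dc2787f409"
    "02011c0204557c38b2"
)


class DerError(ValueError):
    """Raised when the blob is not strict DER in the expected layout."""


def _read_tlv(buf, pos, expected_tag):
    """Read one tag-length-value item; return (value_bytes, next_pos)."""
    if pos + 2 > len(buf) or buf[pos] != expected_tag:
        raise DerError(f"expected tag 0x{expected_tag:02x} at offset {pos}")
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long-form length
        n = length & 0x7F
        if n == 0 or n > 2 or pos + n > len(buf):
            raise DerError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80 or (n == 2 and length < 0x100):
            raise DerError("non-minimal length encoding")
        pos += n
    if pos + length > len(buf):
        raise DerError("value runs past end of buffer")
    return buf[pos:pos + length], pos + length


def _read_uint(buf, pos):
    """Read a DER INTEGER that must be non-negative and minimally encoded."""
    raw, pos = _read_tlv(buf, pos, 0x02)
    if not raw or raw[0] & 0x80:
        raise DerError("empty or negative INTEGER")
    if len(raw) > 1 and raw[0] == 0 and not raw[1] & 0x80:
        raise DerError("INTEGER has a redundant leading zero")
    return int.from_bytes(raw, "big"), pos


def parse_x_signature(hex_sig):
    """Decode SEQUENCE { r, s, ext, unixtime [, pubkey OCTET STRING] }."""
    try:
        blob = bytes.fromhex(hex_sig)
    except ValueError as exc:
        raise DerError("x-signature is not valid hex") from exc
    body, end = _read_tlv(blob, 0, 0x30)
    if end != len(blob):
        raise DerError("trailing bytes after SEQUENCE")
    pos, fields = 0, {}
    # "ext" is the third INTEGER: the listing calls it version, the prose
    # names a "curve" extension, so the name here is deliberately neutral.
    for name in ("r", "s", "ext", "unixtime"):
        fields[name], pos = _read_uint(body, pos)
    fields["pubkey"] = None
    if pos < len(body):                      # optional fifth element
        fields["pubkey"], pos = _read_tlv(body, pos, 0x04)
    if pos != len(body):
        raise DerError("unexpected extra elements in SEQUENCE")
    return fields


class NonceTracker:
    """Per-SIN replay and sequence check on the signed timestamp."""

    def __init__(self, max_skew=300):        # skew window is an assumption
        self.max_skew = max_skew
        self.last_seen = {}                  # SIN -> highest timestamp accepted

    def accept(self, sin, unixtime, now=None):
        """Call only after the ECDSA signature has verified for this SIN."""
        now = int(time.time()) if now is None else now
        if abs(now - unixtime) > self.max_skew:
            return False                     # stale or far-future timestamp
        if unixtime <= self.last_seen.get(sin, -1):
            return False                     # replayed or out of sequence
        self.last_seen[sin] = unixtime
        return True
```

With second-resolution timestamps this rule admits at most one request per second per SIN. Recording the timestamp before the signature has verified would let an unauthenticated sender advance another client's counter.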

BlockAuth Sessions
While one can use the above dialogue to support a "stateless authentication" scheme, many existing systems make use of a "session" in which the above process is the initial handshake or login process. In order to support these types of systems, BlockAuth can optionally make use of the ECDH key derivation process to derive an out-of-band shared session secret between the client and remote service or peer. This shared secret can be combined with the returned "expires" time stamp to generate a secure "session token" for all subsequent requests. A typical usage is to combine this ephemeral secret with the HOTP protocol to produce a secure One Time Password solution.
Schemes which could make use of this shared secret are:

1. JSON Web Token scheme

2. AWS scheme
Signature = URL-Encode( Base64( HMAC-SHA1( DHSecret, UTF-8-Encoding-Of( StringToSign ) ) ) );

StringToSign = HTTP-VERB + "\n" +
    Content-MD5 + "\n" +
    Content-Type + "\n" +
    Expires + "\n" +
    CanonicalizedBitAuthHeaders +
    CanonicalizedResource; 
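The AWS-style session scheme above, as an added example (not code from the post or from the BlockAuth implementation): the client signs StringToSign with the session secret and the server recomputes it, rejecting expired or altered requests. Assumptions: the `x-bitauth-` header prefix, the header canonicalization rule (lower-case, whitespace-collapsed, sorted, one `name:value` per line), and a constructed byte string standing in for the ECDH-derived DHSecret.

```python
import base64
import hashlib
import hmac
import time
from urllib.parse import quote

HEADER_PREFIX = "x-bitauth-"   # assumed; the post names no header prefix

# Constructed stand-in for the ECDH-derived session secret (DHSecret).
DH_SECRET = hashlib.sha256(b"constructed ECDH shared secret").digest()

# Constructed sample request.
SAMPLE_REQUEST = {
    "verb": "get",
    "content_type": "application/json",
    "expires": 1434207938,
    "headers": {
        "X-BitAuth-Sin": "Tf3yr5tYvccKNVrE26BrPs6LWZRh8woHwjR",
        "X-BitAuth-Device": "  tablet   7 ",
        "Accept": "*/*",                     # not prefixed, so not signed
    },
    "resource": "/ledger/blocks?from=10",
}


def canonicalized_headers(headers):
    """Lower-case names, collapse whitespace in values, sort, one per line."""
    picked = sorted(
        (name.strip().lower(), " ".join(value.split()))
        for name, value in headers.items()
        if name.strip().lower().startswith(HEADER_PREFIX)
    )
    return "".join(f"{name}:{value}\n" for name, value in picked)


def string_to_sign(req):
    """Build StringToSign in the field order given in the post."""
    return (
        req["verb"].upper() + "\n"
        + req.get("content_md5", "") + "\n"
        + req.get("content_type", "") + "\n"
        + str(int(req["expires"])) + "\n"
        + canonicalized_headers(req.get("headers", {}))
        + req["resource"]
    )


def sign(dh_secret, req):
    """URL-Encode(Base64(HMAC-SHA1(DHSecret, UTF-8(StringToSign))))."""
    mac = hmac.new(dh_secret, string_to_sign(req).encode("utf-8"), hashlib.sha1)
    return quote(base64.b64encode(mac.digest()).decode("ascii"), safe="")


def verify(dh_secret, req, signature, now=None):
    """Server side: reject expired requests, then compare in constant time."""
    now = int(time.time()) if now is None else now
    try:
        if int(req["expires"]) <= now:
            return False                     # session token has expired
        expected = sign(dh_secret, req)
    except (KeyError, TypeError, ValueError, AttributeError):
        return False                         # malformed request
    return hmac.compare_digest(expected.encode(), str(signature).encode())
```

Because Expires is inside StringToSign, a captured request cannot have its lifetime extended without invalidating the signature.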

Pairing Token
BlockAuth supports the use of a pairing token. This is a one-time-use token which can be used to access specific resources via a specific role and/or device (mobile phone, tablet, etc.). This may be bound to a specific device identifier, such as an IMEI code.

Replacing Usernames and Passwords
Simply replace username with a SIN, and password with x-signature, this provides a one time password approach, with no pre-shared secret.

Backward compatibility: key the BlockAuth processing from the username SIN keyword prefix "01" (base16 encoded), which should be sufficiently unique, given most usernames are human related today.


BlockAuth is available for all Cognition API users, and SIN's will be provided along with the free ECDSA, and ECDH  keys and secure key pool chain available for all subscribers from the 1st July 2015.


C# Code
1. SIN Generation
                // Get sha256 hash and then the RIPEMD-160 hash of the public key.
                byte[] pubKeyHash = PubKeyHash;

                // Convert binary pubKeyHash, SINtype and version to Hex
                String SINversion = "10";
                String SINtype = "1"; //static
                String pubKeyHashHex = Utils.BytesToHexString(pubKeyHash);

                // Concatenate all three elements
                String preSIN = SINversion + SINtype + pubKeyHashHex;

                // Convert the hex string back to binary and double sha256 hash it leaving in binary
                byte[] preSINbyte = Utils.HexStringToBytes(preSIN);
                byte[] hash2Bytes = Utils.DoubleDigest(preSINbyte);

                // Convert back to hex and take first four bytes
                String hashString = Utils.BytesToHexString(hash2Bytes);
                String first4Bytes = hashString.Substring(0, 8);

                // Append first four bytes to fully appended SIN string
                String unencoded = preSIN + first4Bytes;
                byte[] unencodedBytes = new BigInteger(unencoded, 16).ToByteArray();

                String encoded = Base16WithCheckSum.Encode(unencodedBytes);


Also see
1. Free hardware generated and protected Bitcoin Private key and key-chain.
2. Identity Theft and the Digital World..




Monday, June 1, 2015

Triple Entry Accounting, and Secure Block Chain Ledgers..


The magic in this space is what we sometimes hear called triple entry, which is highlighted by the bitcoin block chain’s success in mounting an independent currency over a shared ledger.

We all know how insubstantial internal ledger entries are, and how we can really only rely on them to the extent that we trust our internal processes (e.g. who can forget the Enron events of 2007 leading to a popular view that accounting and audit have failed us).

On the other hand, we also see how solid payment systems are. Whether bank- or Government- or private-run, payments generally work. When these multi-party activities do not work, all hell breaks loose, and people run, sometimes quite literally, to other systems.

When accounting ledgers break, we sigh and move on. Triple entry, via Block Chain Ledgers takes us from the unreliable fantasy of the accounting entry to the hard concrete reality of the payment: the secure distributed Block Chain Ledger is as solid as a bitcoin payment.

Quite simply, the basics of accounting have not changed for hundreds of years.
Today, attempts are being made to address the many well known issues by formulating new rules, employing more auditors and investing in more IT infrastructure. This is the wrong approach.

I believe most of the above are solvable by doing four things;
  1. Make accounting of a business activity an integral part of that activity, instead of treating it as a separate process. What if the invoice was the journal?
  2. Sharing data between entities. Any business transaction involves an agreement of value by one or more parties. Privacy is not a problem as all parties should be recording the same data.
  3. Using cloud accounting ledgers. Enterprises maintain simple private ledgers. Cloud APIs allow for easy integration and the development of APPS.
  4. Securing each ledger with private block chains brings existing accounting systems into today's digital world, without throwing away everything (like bitcoin has done).
Bitcoin achieves the first two things for cash payments. By creating and signing a Bitcoin transaction, one generates a proof (which is consensus verified) that the transaction happened and they had the rights & obligations to the unspent transaction outputs referenced in the transaction.

This doesn't mean that bitcoin should replace double entry; rather, it augments the traditional accounting system ledger by providing a way for parties to share certain transactions as if they were as solid as payments.

E.g., when Alice Ltd wants to pay Bob Ltd, Alice will no longer rely on its accounting systems alone to describe this situation, and neither will Bob. Both of these parties will share a “receipt” that is cryptographically signed by some party that has mediated it (could be an existing bank such as ANZ, the Reserve Bank of Australia, or it could be VillageMall).


Triple entry accounting is very simple: as shown above, there are three parties, each holding a copy of the same receipt, hence the label "triple entry". In the Bitcoin world, the middle intermediary is the bitcoin block chain and the two other parties are the Wallets.

The receipt, or public book above, is itself strong because it is cryptographically authorised by the payer, and cryptographically signed off by the mediator (as a minimum). It represents such solid evidence that it is practically irrefutable in terms of the facts on record, and it is trivially automated in audit terms.

Holding this entry is far more flexible than Alice and Bob relying  solely on their double entry systems because firstly you can build the double entry systems out of the collection of receipts any time you need them, and secondly, it is so strong that it can be used as evidence to create derivative claims. E.g. it’s a set-up for securitisation or loaning contracts or other more advanced uses. And, it’s a lot easier to audit because it is such solid evidence.

Back to bitcoin and its block chain. This is the first social experiment in a large scale triple entry issuance. In part, seeing what happens on the block chain generates excitement because we perceive an ability for any company to turn its stalled internal assets into contracts that are then dynamically mediated through cryptographic receipts.

Once one can issue all the accounted assets into a triple entry arrangement that others will instantly respect, finance will democratise.

Savings for every Accounting Ledger
According to Santander (2015), "distributed ledger technology could reduce the banks' infrastructure costs attributable to cross-border payments, securities trading and regulatory compliance by between $15-20 billion per annum by 2022".

So where are we at today?
With the release in 2004 of commercial Block Chain Ledgers, the double entry accounting of each party, Alice and Bob, can now be secured and audited via their individual "Private" Block Chain Ledgers. With the introduction of an intermediary or Public Block Chain Ledger (public ledger above), and communications based upon existing bitcoin block chain protocols, today we have a full implementation of commercial "triple entry accounting".

Each end accounting system and the intermediary public block chain together provide a "secure" distributed triple entry ledger.

This concept can be expanded. Bob above can maintain a local ledger containing all its adjustments; however, it can also maintain a distributed ledger which contains details of all transactions or contracts. As the distributed ledger is agreed upon by all participants and there are digital signatures to provide a degree of non-repudiation, auditors can rely on this ledger. The auditor's job starts getting easier; finally the digital world helps to secure old world double entry systems.

Worked Purchase Contract Example:
1. Alice -> Purchase Widget from ->Bob.
2. Bob  ->Ships Widget and Invoice -> Alice
3. Bob -> Posts journal  DR Account Receivable, CR Income to Private BCL
4. Posts Transaction, with unique TxnId to Public Block Chain Ledger(PBCL)
5. Alice-> Posts Transaction DR Expenses, CR Accounts Payable to Private BCL
6. Post transaction with same TxnId to Public Block Chain Ledger(PBCL)
7. PBCL-> combines messages 4, and 6 along with their signatures (Contract)
8. PBCL-> countersigns and timestamps the combined message 7, along with transactions (i.e DRs and CRs)  and posts to the PBCL.

Worked Payment Contract Example:
1. Alice -> Pays ->Bob.
2. Alice-> Posts Transaction CR Bank, DR Accounts Payable to Private BCL
3. Posts Transaction, with unique TxnId to Public Block Chain Ledger(PBCL)
4. Bob->Receives Payment->From Alice
5. Posts journal  CR Account Receivable, DR Bank to Private BCL
6. Posts Transaction, with unique TxnId to Public Block Chain Ledger(PBCL)
7. PBCL-> combines messages 3, and 6 along with their signatures (Contract)
8. PBCL-> countersigns and timestamps the combined message 7, along with transactions (i.e DRs and CRs)  and posts to the PBCL.
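The matching and sealing performed by the PBCL in steps 4, 6, 7 and 8 of the purchase example above, as an added example (not code from the post or from the Cognition implementation). Assumptions: the class and field names, amounts held in integer cents, and the constructed sample journals. Signatures are left out because the Python standard library has no ECDSA; the seal here is a SHA-256 hash chain, and the countersignature of step 8 would be made over the `seal` value.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64

# Constructed sample journals for one purchase (amounts in cents).
BOB_JOURNAL = [
    {"side": "DR", "account": "Accounts Receivable", "cents": 11000},
    {"side": "CR", "account": "Income", "cents": 11000},
]
ALICE_JOURNAL = [
    {"side": "DR", "account": "Expenses", "cents": 11000},
    {"side": "CR", "account": "Accounts Payable", "cents": 11000},
]


def digest(obj):
    """SHA-256 over canonical JSON (sorted keys, no insignificant whitespace)."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def journal_total(journal):
    """Return the debit total, or raise if debits and credits differ."""
    dr = sum(line["cents"] for line in journal if line["side"] == "DR")
    cr = sum(line["cents"] for line in journal if line["side"] == "CR")
    if dr != cr or dr <= 0:
        raise ValueError("journal does not balance")
    return dr


class PublicLedger:
    """Pairs the two parties' posts by TxnId and seals them as one block."""

    def __init__(self):
        self.pending = {}      # TxnId -> first leg received
        self.blocks = []       # sealed contract blocks, in order
        self.sealed = set()    # TxnIds that already have a block

    def post(self, txn_id, party, journal, timestamp):
        """Accept one leg; return the sealed block once both legs match."""
        if txn_id in self.sealed:
            raise ValueError("duplicate TxnId: already sealed")
        total = journal_total(journal)
        leg = {"party": party, "journal": copy.deepcopy(journal)}
        first = self.pending.get(txn_id)
        if first is None:
            self.pending[txn_id] = leg
            return None                      # waiting for the counter-party
        if first["party"] == party:
            raise ValueError("both legs posted by the same party")
        if journal_total(first["journal"]) != total:
            raise ValueError("legs disagree on the amount")
        del self.pending[txn_id]
        body = {
            "txn_id": txn_id,
            "legs": [first, leg],            # step 7: combined contract
            "timestamp": timestamp,          # step 8: time stamp
            "prev": self.blocks[-1]["seal"] if self.blocks else GENESIS,
        }
        block = dict(body, seal=digest(body))
        self.blocks.append(block)
        self.sealed.add(txn_id)
        return block

    def verify_chain(self):
        """Recompute every seal and link; False if any block was altered."""
        prev = GENESIS
        for block in self.blocks:
            body = {k: v for k, v in block.items() if k != "seal"}
            if block["prev"] != prev or digest(body) != block["seal"]:
                return False
            prev = block["seal"]
        return True
```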

I believe that while the above could represent a practical Public Block Chain Ledger,  the commercial reality is likely to drive a range of specialist PBCL, i.e. each focused on a specific use case. Collectively these will form the globally decentralised Public Block Chain Ledger.  Each segment of the PBCL is navigated using Internet DNS entries, within the domain blockchainledger.net. An example of a reference specialist "payments" PBCL is provided at the end of this article.

In the case where a bank is offering the PBCL, the changes to the above example are trivial. The point is that all types of interactions, P2P or traditional intermediary, are supported. In the case of a bank intermediary, the Public Block Chain Ledger for each entity would simply be their "Bank Statement". The unique aspect of an architecture with both private and public Block Chain Ledgers is that the distributed PBCL supports all "between" entity transactions, and hence the concept of "gateways" as used in almost all crypto-currencies is not required. With the PBCL and P2P transactions there are no settlement or clearing delays, as all entries are atomic and instantaneous. In the case of no intermediary there are some additional joint signatures required to secure the transaction, over the intermediary signature used, but all are standard cryptographic techniques.

The fully distributed Global Public Block Chain Ledger is the record of truth and is available to all. The atomic nature of all Block Chain Ledger transactions allows instantaneous transfers to occur.

In fact when the PBCL is applied to P2P payments, we do not see why all payments should not be free, as our analysis shows the incremental cost is close to zero, and each Private Block Chain Ledger can easily support its part of the decentralised PBCL. The same could be applied to all commercial transactions which are capable of being processed through an accounting system: virtually everything.

An enhancement within the Block Chain Ledger over bitcoin allows each and every block to have a unique private ECDSA key, and the digital time-stamped signature is applied atomically to each transaction block. This enhancement allows instantaneous sealing of each block and all transactions in time, plus traditional bitcoin identification of each block (address), and hence the ability to instantly post to the PBCL. This also supports detection of duplicate transactions. As the private Block Chain Ledgers cannot be changed or altered in any way by either Alice or Bob, the PBCL can request the parts of the block chain necessary to validate each Private Block Chain Ledger before signing the triple entry.

The public block chain ledger provides a real-time, atomic transaction, and reporting system.
The atomic transaction is completed once the PBCL entry in 8 above is posted to the PBCL. Each party, Alice and Bob, and anyone else can verify the "Contract" or transaction, with a deterministic level of non repudiation.

An auditor can request all transaction data, and if required can counter sign, a Block within the PBCL and hence bind parts of both Alice and Bob's private Block Chain Ledger and also the PBCL in time (see BlockAuth detached time-stamp signature specification).

The point is that if one is inherently happy about Transactions then the accounting and audit process becomes much simpler; there is no need for reconciliations or for an auditor to mess about with 3rd party confirmations (which are almost never returned!). An auditor can also gain 100% assurance into existence and completeness of transactions with counter-parties – this is the holy grail of audit.

As mentioned in the above comment, this is super useful, and not only for audit. Due diligence, tax reporting and generating data for financial reporting also benefit; in fact almost everything benefits from this approach.

Bitcoin already contains a set of protocols which will allow interaction between each Private Block Chain and the Public Block Chain. With minor tweaks, this existing code and network allows a kick start to a more commercial set of Block Chain Applications that for the most part have nothing to do with digital money. Additionally, as the Block Chain Ledger is based on traditional double entry accounting systems, a mixture of P2P and more traditional Public Block Chains can be utilised. As above, the Reserve Bank could run an inter banking Block Chain Ledger that has all of the existing frameworks, but in this case is actually secure and suitable for the modern "digital" world we all work in.


Welcome to the Internet of Value.
The intermediary Block Chain Ledger is in fact "signing off" or witnessing both sides of the block chain ledger's transaction; this is in fact the "Contract" process. The ledger Transactions could be stock trading, property sales, or in fact anything that can be processed through a standard double entry accounting system.

The Internet of Value’s ubiquitous, seamless, comprehensive and secure method of transferring value allows for the distribution of value in all sorts of novel ways.

Some obvious use cases:
  • syndicated loans
  • trade finance
  • supply chain provenance
  • asset provenance
  • clearing/settling
  • cross border payments
  • inter-bank payments
  • identity/data authentication
  • private stock/equity issuance
  • contracts 
  • global P2P payments

Implementation example.
Theory is fine, but one also needs concrete commercial examples. One such implementation is the Cognition Cloud Accounting Engine. Because it is designed as a modern Cloud based double entry Accounting Engine that is required to process high volumes of transactions, its internal design is consistent with the design requirements of a Private Block Chain Ledger; in fact each cognition ledger has a fully integrated Block Chain today, using existing bitcoin technologies.
The BlockAuth Detached, Time Stamped, Signature has already been implemented in commercial Private Block Chain Ledgers, such as superannuation funds, in 2015.

The building blocks are here today, allowing companies to run their own secure private block chain ledgers, and also allowing future integration with public Block Chain Ledgers.

Reference Implementation
In the reference implementation, using a commercial hash keyed database, ~10,000 blocks per second could be processed. This is for each of the distributed Public Block Chain Ledger (PBCL) nodes within the PBCLs. Hence the total processing of the PBCL is practically unlimited. The reference implementation supported ~5,000 read operations; this asymmetry is typical of commercial databases. This performance is relatively independent of the number of transactions in the distributed PBCL.

Performance Comparison:
·         Bitcoin 7 tps
·         PayPal 115 tps
·         PBCL 10,000 tps for each PBCL node, unlimited across the global PBCL
·         Visa network 56,000 tps

Storage Comparison
·         Bitcoin, at very high transaction rates each block can be over half a gigabyte in size
·         PBCL typically less than 10 KB per transaction

Update 2016.
We have released the first Block Chain Ledger Payments Rail, which implements "triple entry" accounting as described in this article. In addition, the world's first Bank for International Settlements defined DvP Model 1, atomic cross ledger settlement.
See The Holy Grail of Settlements

Details:
The Global Block Chain Payment Rail
The Global Block Chain Securities Settlement Rail

Also see
1. Free hardware generated and protected Bitcoin Private key and key-chain.
2. Identity Theft and the Digital World..
3. Navigating the Public Block Chain Ledger


Thursday, May 21, 2015

Free hardware generated and protected Bitcoin/BlockAuth ECDSA Private keys.

Available to all Subscribers, a free hardware generated, and protected Bitcoin and BlockAuth ECDSA private key.
From 1st July 2015, all current and future Subscribers will have a free ECDSA private key, generated within, and protected by our Cloud based Hardware security Module (HSM).

We offer this service to enhance the security of Bitcoin private keys, and to expand the usage of ECDSA signatures within a wider range of electronic commerce operations. Physical signatures are free today, so why not Digital Signatures?

The history of cryptography shows us that good cryptography has been repeatedly defeated not because of bad math, but because of bad implementations of good math.

A paper was published by researchers from Australia and the UK describing an attack on OpenSSL’s implementation of ECDSA for curve secp256k1 (the one used by the Bitcoin protocol). The danger of key leakage via poor random data or side channel attacks is a concern, but is manageable with proper implementations. We believe hardware is necessary for the small number of security critical functions, and by making hardware based solutions Free, there is simply no basis to continue to have these security issues within any FinTech application.

If you think these types of exploits are esoteric (and in reality many are), and nothing could happen to you, consider "There Are Nearly 150 Breeds Of Bitcoin-Stealing Malware In The Wild, Researchers Say". If your "Wallet file" is encrypted and held to ransom, all of your bitcoins are effectively gone, and there is no-one to turn to.

The recent introduction of Bitcoin Hierarchical Deterministic (HD) Wallets, or Extended Private and Public Keys, has introduced additional side channel attack vectors, and has allowed a single seed compromise to provide access to all private keys.

All ECDSA keys provided are unique, hardware generated and protected. There is no known relationship or side channel leak between any two ECDSA keys within the system. Additionally, the key generation process does not expose any private keys based upon the knowledge of any Public key, a vulnerability in some bitcoin HD key chains.

We hope the introduction of Free hardware protected ECDSA keys will contribute to improved security for Bitcoin and all ECDSA Signatures across current and future ECDSA and ECDH based applications. Additionally we plan to offer mature implementations of core cryptographic support functions via our REST/JSON API, available to any VAR. Why would developers want to keep implementing the basic functions over and over again when these are available? This allows developers to concentrate on the business side of typical FinTech applications.

Initial usage will include Signing of all documents within Accountants Web Office(AWO)  tax returns, tax declarations and almost any electronic media stored within the AWO suite of services.
Additionally the service supports a private key chain, which can generate an unlimited number of single use ECDSA public keys ( bitcoin like payment keys), within the Cognition Public Block Chain, or  any future public Block Chain supported FinTech applications.
The Cognition API also offers secure framework agnostic, enterprise BYOD device management.

Securing each subscriber's ECDSA key material via hardware is essential to the future of all electronic commerce applications, especially FinTech applications.

From the 1st July 2015, the introduction of freely available secure ECDSA private keys to all VillageMall Subscribers removes one of the last barriers to adoption of secure FinTech applications. Optional multi-factor authentication of every "affixed" signature takes FinTech applications to the next security level.

Hardware based security underpins our range of secure business, accounting and FinTech applications, offered via VARs, including our Private and Public Block Chain Ledgers. All are available via an open Cognition REST/JSON API; access is freely available to all Cognition VARs and their clients.

Features:

  • Free, included with each VillageMall Subscription
  • Includes persistent (Type 0x01),  Block Chain Ledger, Secure Identification Number (SIN) 
  • Hardware (Cloud HSM) internally generated, and protected key material
  • Unlimited single use bitcoin private ECDSA keys, stored and accessible, via Key Chain.
  • Key Chain, can be bound to Mobile device(s), and accessible via API
  • Supports bitcoin DER and Recoverable Signature Generation and Verification via API.
  • Key Chain helps prevent loss of Bitcoins when Mobile device is lost, stolen or compromised (ransom ware) 
  • Optional Multi Factor Authentication (HOTP) for signatures (i.e human authentication)
  • Ephemeral ECDSA Private key, no long term private key storage, reduces risk of key compromise, with static ECDSA Public key and Bitcoin Address
  • Private keys secured to reduce possibility of private key access, or loss, critical when used with bitcoin.
  • Exploits global bitcoin infrastructure, for non bitcoin applications such as Public Block Chain Ledgers
  • Support Bitcoin Transaction (DER) signature, Message signature, getPublicKey() methods via API, only available to VAR's
Elliptic curve cryptography is a powerful technology that can enable faster and more secure cryptography across the Internet, without the need for any PKI or complex identification processes. The time has come for ECDSA to be widely deployed. We are taking the first steps towards that goal by enabling customers to use hardware secured ECDSA keys within any FinTech application.

The next generation of secure applications are available today.

Check out our next generation Public Block Chain Ledger(PBCL) for Accounting, Superannuation, Portfolio and other FinTech applications, for an insight on the future of Block Chain Ledgers (BCL) and Trust see Accountants, FinTech and bitcoin BlockChain  or the underlying  Triple Entry Accounting and Block Chain Ledgers, plus BlockAuth  the new decentralised authentication for FinTech and the Internet.



Wednesday, May 20, 2015

Cognition-> Public Block Chain Ledger for Accounting, SMSF, and Portfolio processing.


Bitcoin is probably the most well known public block chain implementation.
In the first Quarter of 2015, we introduced the first secure, private Block Chain Ledger, as part of the Cognition Cloud Accounting Engine solution.

This private Ledger Block Chain differed from the bitcoin implementation in several ways:

  • The block chain is secured by mature, hardware based cryptography, capable of third party ITSEC evaluation
  • The block chain is fully distributed (bitcoin is a centralised block chain), and bound to a single ledger
  • The Cognition block chain, due to its decentralized architecture, can scale to billions of transactions without any performance degradation, or massive size.
Within the commercial world, not all ledgers need or want to be public. The dual threaded distributed block chains allow a commercial decision to be made regarding exposure to the public block chain.
As an example, a Broker may only expose trade related transactions, while keeping internal settlement private. This allows full disclosure of all trading, which may be the objective of the public block chain.

Likewise, there is a commercial need to support a bitcoin-like "public" block chain for a number of FinTech applications. In order to meet these requirements, we plan a 3rd Quarter release of a Public Block Chain Ledger as follows:
  • Be a bitcoin-like block chain ledger.
  • Map any private block chain ledger into a seamless, bitcoin-like public block chain.
  • Map the secure private block chain ledger onto the ECDSA bitcoin implementation.
  • Support ephemeral ECDSA private keys in the public block chain, to reduce bitcoin-like vulnerabilities.
  • Map the private block chain ledger onto a number of ECDSA-related BIPs, including support for bitcoin-like addresses, multiple public keys, and public keys derived from signatures.
  • There is no need for any mining, consensus or linkage to money printing; this is a commercial ledger.
  • A DNS-like global Block Chain Ledger navigation.
  • All access via a secure REST/JSON API.
  • Platform and OS agnostic.
  • Explicit permission required to publish as a "Public Block Chain".

The dual-threaded private/public block chain ledger is designed to allow a wide range of commercial applications to be supported by Public Block Chain Ledgers (PBCL).

We plan on releasing the specifications for the decentralized Public Block Chain Ledger (PBCL) into the public domain, on or around the first release.

The Public Block Chain Ledger is derived from a full-featured, commercial Cognition Cloud Accounting Engine, and provides full-featured reporting and compliance processing, with integrated Accountant back office Virtual CFO support.

Initial Block Chain support is proposed for the following:

  • Self Managed Superannuation Funds (SMSF)
  • Broker Portfolio Solution (BPS)
  • General purpose Cognition Accounting.

The next generation FinTech accounting Block Chain Ledger engine is available today to any VAR, and as a Public Block Chain Ledger from 3rd Quarter 2015.

Contact VillageMall for details or to be involved in the early trials.
