A cryptographic paradigm shift in data cybersecurity

According to the annual report from the WEF about global risks, increased cyber-threats is one of the biggest risks that companies and countries face right now. Attacks in businesses have almost doubled in the past 5 years with no sign of decrease. One of the most common attack types is data breach where attackers target the database of the company in order to get access to customer data. With the exponential increase of data value these days, these attacks are only going to become more and more common. Combined with the increased regulation regarding data from GDPR but also the increasing availability of customer data in absolute terms and suddenly private customer data becomes a potential liability for any business.

The solution?

Businesses in the cybersecurity environment are presented with two options. Either they create robust in-house processes to handle, store, and secure data, or they minimize the amount of data that they receive, putting much less strain to the processes in place. Choosing an option out of the two is a very difficult matter for each company. That being said, at Decentriq we identify two crucial factors in this decision. First, whether or not the acquisition of this data is crucial to their service (e.g. KYC for financial Institutions), and second, whether or not the company derives value from the analysis of this data.

What seems to be the norm today is that if any of those two conditions is true, the company decides to keep the data in-house. At decentriq we argue that this is not necessarily the best solution.

Applied cryptography for enhanced data security

We are able to present a third alternative. Instead of businesses putting themselves in that artificial dilemma between the risk of data breaches and the disruption of their capabilities, we propose data security through data storage minimization. Instead of worrying on how and where to save all the data that they get, by utilizing cutting-edge cryptography, they are able to analyze this data remotely, while it is safely stored in the client’s computer.

Combining zero-knowledge and enclaves, a practical example

A company has users signing up to its website in order to get access to a service or to buy a product. Then, the company needs to validate each time if the user logged in correctly. This would require the data to be saved on a company server that could validate such a claim (that the user has logged in correctly). It is possible to store all this data in a user’s computer and with a zero-knowledge proof software, to just validate whether this claim is right or not.

In a more advanced scenario where the user has agreed to his data being processed, the company might deem it useful to perform analytics. For example, what is the login time peaks on a specific geographic location. Until now, this kind of analysis would require the company to save the data and do the analysis locally. This entails the risks of data breaches exposing IPs or geolocations. With our proposed solution, all this analysis could be done inside a secure enclave without exposing the data to anyone.

Epilogue

Until now, hoarding user data was done because it was easy and secure. Today, this data can be of serious value. Automatically then, this data hoarding becomes a security and reputational liability. But there is another way. At decentriq we are experts in confidential computing technologies that allow privacy-preserving and secure usage of this data. This way we make sure that any business takes only as much risk as it needs to.

Decentriq

At decentriq we leverage our knowledge of cryptographic technologies to provide value to our customers. By being on the development forefront of these technologies, we are a trusted partner for cutting-edge cryptography.