Many media reports and business gurus argue that the distributed ledger system will upend traditional payments and financial transactions, but so far, its impact on the real world has been limited.
A series of bank-backed projects around the world – the IBM-backed Hyperledger Fabric project, the Utility Settlement Coin, and R3’s blockchain consortium – have started, but they are far from yielding results that typical users will notice.
Korea’s banking industry, in cooperation with Samsung SDS, has already put blockchain to use for their retail clients. Major banks rolled out the blockchain-backed authentication platform BankSign last month.
Korea’s much-maligned certificate verification system is considered to be vulnerable to privacy thefts and duplication risks, so the new system may boost banks’ appeal to their users.
The move also turns the country into a proving ground for whether blockchain can fulfill the promise of ensuring security and accurately preserving transaction records. Unlike a conventional record-keeping system built on a centralized ledger system, blockchain can keep a shared digital ledger of transaction data on a network of computers, known as nodes, making it more tamper-resistant.
This reporter has used the new platform for weeks, and it’s clear that BankSign currently falls short of the blockchain enthusiasts’ hopes for simple, quick settlement. BankSign is tough to use, as it is just as hard to register for it as the current system and the processing time is slow.
But the platform isn’t without its own merits. The initiative will likely pave the way for innovative financial services, such as smart contracts, and may lead to improved security.
Setup headaches
A total of 15 banks are joining the project, including the country’s four largest players – KB Kookmin, Shinhan, KEB Hana and Woori. The Korea Federation of Banks, an association that represents banks operating in Korea, oversees the operation. Samsung SDS built the underlying blockchain technology used in the platform.
The banks allow users to choose the verification method they prefer on their mobile banking platforms. They can choose from the current certificate-based one, BankSign, or biometric authentication.
Two weeks into the launch, some 10,000 users have downloaded the BankSign application to give it a try.
But users gave the app a mixed reception, with an average rating of 3.5 out of 5 on Google Play. Many users wrote in their reviews of the app that they got confused setting it up and gave up.
Once a user opens the BankSign app, a message pops up saying they should register with BankSign for each bank’s mobile application. A BankSign registration button is tucked inside the digital certificate center option on mobile banking apps in a counterintuitive way. Once users find the registration option, they must undergo a five-step enrolment process that requires verification text messages and a bank security code card.
Once users have navigated through this, they have to go through another separate, four-step registration to verify their identification and set a password to log in with BankSign. This four-step procedure is required separately for each bank.
It took 20 minutes for this reporter, who is relatively accustomed to testing new mobile services and technology, to finally have BankSign up and running.
The federation said that it is working on improving the app.
“We acknowledge the problem,” said an anonymous source at the Korea Federation of Banks. “Now, it is in its initial stage, so we are finding ways to directly link users with each bank’s app once they open the BankSign app.”
The BankSign verification is still not available for foreign residents in Korea and only works with mobile apps. The federation said that an online version will be launched in September after the banks have spent enough time testing it.
Park So-yoon, a 28-year-old graduate student, is among the people who had trouble using BankSign.
“After I heard the news [about BankSign], I tried to use it after learning that it will have strengthened security,” she said, “But I gave up halfway through.”
The project began a year ago with the consortium that originally consisted of 18 banks. Kakao Bank, Citibank and the Korea Development Bank haven’t decided whether they will embrace BankSign or not.
“The Korea Development Bank plans to join next year, and we heard that the other two banks are also considering adopting BankSign,” said the source at the Korea Federation of Banks.
Security is key
Despite BankSign’s inconvenience, the new system does have multiple attractive points, such as blockchain’s secure nature. It also doesn’t have to be renewed as often. Currently, users have to renew their digital certificates every year at a bank branch or through a multiple-step process online.
But the BankSign system has to be renewed only once every three years. Another major merit is stricter security thanks to blockchain’s core principles.
The improved security is linked to blockchain’s hash function. Hash refers to the process of converting input data into encrypted output of a fixed length, which makes it hard for unauthorized entities to decode the encrypted results. If anyone attempts to change the hashed data, the change requires approval from more than half of the authorized participants, known as nodes. In the BankSign project, the participating banks will serve as nodes to monitor data-tracking.
The federation said that the system is fitted with extra security measures, like double encryption.
The use of blockchain could allow for new financial services. A Samsung SDS spokesperson used the example of smart contracts, which are self-executing contracts directly written into lines of code.