The field of ecommerce has always exhibited a tense relationship with cybersecurity.
Despite its massive need for better safety measures due to the sensitive nature of the data it collects and stores, ecommerce remains an easy target for hackers. The 2014 hack of eBay, which compromised almost 150 million users' private information, and even the Target hack in 2013 which did the same for nearly 110 million individuals, demonstrate the very real threat of an ecommerce site being hacked.
For these websites, the threat is both immediate and potentially catastrophic. ecommerce businesses require highly sensitive information from customers—address and contact details, credit card and payment information—but despite their best efforts, security remains a reactive game for them. The issue stems from their centralized structure and the sometimes-outdated methods they use to protect data.
Blockchain, the technology that supports most cryptocurrencies, offers the industry an alternative that can improve the status quo on two different fronts. The first is the issue of centralization, a problem blockchain resolves simply with the way it's built. The second is more practical, as the technology's decentralized and disintermediated model allows for the creation of security systems that take advantage of these features to create more optimized paradigms for cybersecurity.
Changing the centralization paradigm
Ecommerce websites act as de facto points of sale for customers. Though in some cases it's third party applications like PayPal or Stripe, most websites that accept credit cards must hold customers' information and details in their data centers. As the Target breached revealed, this information is significantly less secure than consumers would like to believe. The core problem is the degree of centralization these legacy systems exhibit.
Unlike blockchain's decentralized networks in which information is completely distributed, centralized systems make attacks more likely because they present a single target to hack. Even with advanced protections and heavily encrypted servers, no system with a single access point is completely safe. With enough time and resources, even the most robust systems can be broken. Blockchain's solution to this vulnerability is built-in thanks to its novel architecture.
Due to its decentralized network design, where each node holds the chain's transaction history, blockchain presents a logistical near-impossibility for hackers.
The Blockchain technology allows the creation of platforms that are extremely resilient in nature. For example, traditional attacks such as DDoS becomes impractical as hackers would need to coordinate attacks on hundreds, and potentially even thousands of nodes concurrently, which is how the Gladius projects is seeking to improve the centralized and ineffective marketing of DDoS mitigation and CDN.
Moreover, blockchain's distributed ledger means that document manipulation is also unlikely, as all points in the network have access to data simultaneously, so falsified or tampered-with files are easy to detect.
Some companies have begun working on providing a safer solution for companies that are client-facing and must confront significant risks of being attacked. Edge, for instance, provides a user wallet that offers exclusively client-side encryption, meaning companies never have access to users' credentials.
Creating an ecosystem based on security
More than simply providing a safer canvas, however, blockchain also offers ecommerce and developers the tools to create a safer ecosystem by building the applications and peripheral tools that may change how security systems work for online retail. One of the biggest paradigmatic shifts in the industry has to include better protection of user data and privacy.
The many well-publicized breaches of major retailers such as Starbucks and their sometimes-clueless responses highlight the need for users to exert better control over their data when shopping.
These kinds of platforms are becoming increasingly popular, letting users browse websites secure in the knowledge their information is being kept safe. REMME for instance is looking to change the way people verify their identity and eliminate the use of passwords, a point in the ecommerce chain that is especially vulnerable. The company uses SSL certificates to bind user IDs to a specific device and removes the need for a password or similar credential for access. This way, users simply need to press a button to validate their credentials, and there is no opportunity for hackers to intercept a password. With such a system, users could reduce the likelihood of fraud significantly as it is much harder to steal their credentials and identity.
Some companies have already started taking advantage of this in the ecommerce and payment processing worlds. Crypto wallet maker Mycelium, for instance, is in the process of creating an ad-hoc economy model that uses a blockchain-based card to handle payments. The technology eschews the need to provide information to sellers and even hand over credit cards, limiting the danger of stolen identity and reducing the burden on merchants to protect user data.
Others, like Storiqa, have simply created their own marketplaces entirely on blockchain. The company can provide users with more direct connections to retailers and safer transactions, all while removing any intermediaries that could weaken the security around digital storefronts. Companies like OpenBazaar are following similar models, banking on the security advantages of distributed ledger technology, and the increased transparency cryptocurrencies offer.
A safer today on the web for retailers
The industry has made significant strides in its online security efforts, and ecommerce is booming. However, as the sector expands, the threats and vulnerabilities will also mount. The current model has already proven itself to be insufficient, and the consequences of inaction could impact not just retailers themselves, but millions of users across the globe.
Embracing blockchain is less than a lofty goal for the future. To continue offering the best in user protection and cybersecurity, companies may quickly realize that the way things were maintained is no longer working. Ensuring they can continue operating online safely may well lead to an accelerating pace of adoption across the space as innovative solutions emerge from the crypto sphere to creatively solve these inherent deficiencies.