The idea that an Internet currency could solve the credit card hacker epidemic may seem counterintuitive. After all, hacking is a product of the Internet. Without the Internet, there would not be any point-of-sale (POS) retail hacking to fear. Bitcoin is far from mainstream, but it is a fascinating technological invention that is virtually un-hackable.
What is a Bitcoin? Bitcoin is “crypto-currency” that exists only in data. Bitcoin’s value is determined by the market, without any tangible items to support the value. This is also true for most government currencies (including the U.S. dollar), in which the currency only has value because markets accept it.
Bitcoins are transferred between users from digital “wallets.” The transaction experience from one wallet to another is similar to an electronic funds transfer using PayPal. While the process may seem similar, the two are different. Bitcoins can be bought and sold on exchanges, like stocks. Some people speculate on Bitcoin because of the volatile fluctuations in its value. Although all currencies fluctuate in value, many of them are so widely used that fluctuations are almost unnoticeable.
A single Bitcoin consists of an alphanumeric key (private key) and a public address. The private key is the only way a Bitcoin can be used. When a Bitcoin is transferred, a decentralized group of computers processes the exchange of currency. This group of computers creates a ledger called the “block chain.” Computers contributing to the block chain are rewarded with newly minted Bitcoins. Anyone can run the software and participate, which makes it impossible for a government to shut down the service, although some countries have passed laws forbidding its use. Such laws dramatically impact the use of Bitcoin, but have failed to stop the technology itself. This provides a gray market currency for people living in countries where the government has hyper-inflated the national currency.
Bitcoin is secure and virtually unhackable. The technology (block chain) itself is unhackable. Because of Bitcoin’s use of private keys, the blockchain is accessible for anyone to see. Bitcoin’s design removes the need to keep credit card hackers out; there is no way to corrupt the block chain since all computers participating must agree. However, because of convenience, some Bitcoin holders started using online wallets, which are only as secure as the website’s security.
Websites are commonly hacked, which makes this type of wallet insecure. All a hacker needs is the private key (text) in order to spend Bitcoins. Keeping private keys locally on a phone or computer is much more secure, and in many ways unhackable. A hacker would need to physically have your phone or computer to steal Bitcoins (private keys). Additionally, most phones and computers are password protected, adding an additional layer of information security. Some users have taken data security a step further by printing Bitcoin private keys on paper and erasing digital records. This method is highly secure, but if the printed Bitcoin is lost or destroyed, it’s lost forever.
Why should Bitcoin matter to retailers? First of all, Bitcoin is secure. Hacking POS becomes obsolete. Once a transaction (private key) is passed from a customer to the retailer, the funds transfer is nearly instantaneous, rendering the former private key unusable, as a new private key is issued to the retailer. By contrast, credit card numbers remain usable until their expiration. In some form, there will always be credit card data available to be hacked. In some of the POS hacks making headlines in recent years, the credit card data was obtained from RAM, which is temporary data storage in a computer. Encrypting data in RAM is very difficult. Even if a solution is created for this hack, hackers will devise new ways to penetrate data security systems. Eventually, hackers will compromise chips, PINs, or anything else retailers use to safeguard data.
The current credit card system works under a system of “trust” between informational databases. Bitcoin does not operate under a system of trust—rather a system of openness. All Bitcoin information is written to the block chain (ledger). However, the only way to spend a Bitcoin is with the private key, which is held exclusively by the user. There is nothing to hack – everything is open for anyone to see. There are no walls or locks necessary to keep bad guys out, because the block chain is completely open. As it relates to POS systems, there is no useable data to steal, because all of the private keys have already been passed to the block chain and are now worthless. Bitcoin private keys are like a one-time use credit card number, and only you have that number and it has never been used before. Once you use that card number, the card number is rendered useless.
This type of transaction may be appealing to retailers, because POS data becomes less valuable. I’m sure there are retail executives losing sleep over securing credit card data. With Bitcoin, this concern becomes a thing of the past.
Implementing Bitcoin at a major retailer would be uncharted territory. Doing so would require adding equipment similar to a credit card PIN pad. Additionally, Bitcoin has not been widely adopted by consumers, so very few customers would be using it initially. Most consumer fear stems from value fluctuations in the currency, which won’t be resolved until the currency hits a critical mass.
This article was excerpted from “Why Bitcoin May Be the Solution to POS Data Hacks.” Check out the EyeOnLP video interview with the author as well.