This essay originally appeared in the RSA Conference Blog

When someone launches a startup, or a new line of business in an established enterprise, at some point, sooner or later, they need to decide how to handle cybersecurity. They may have already postponed implementing cybersecurity several times, using excuses such as “it does not make sense to spend on security before we get revenue”, but they can’t delay onboarding security into their organization forever. Contrary to popular belief, launching cybersecurity initiatives doesn't necessarily require extensive financial investment or vast resources. To begin, organizations need to answer several questions. While getting help from experienced professionals is ideal, they can certainly tackle this process themselves if that's not an option.

The first question to ask: “Who is the person responsible for making decisions regarding security?” Even if a high‑ranking manager is tasked with this story, that person is not necessarily the one who should carry it out. Holding responsibility for a particular part of the business—say, technology—creates a conflict of interests, so the task should be escalated to a higher executive—or ideally, the business owner—who cares about the long‑term success of the business. Putting the wrong person in charge of security is the number one security vulnerability in organizations.

Assume for a moment that the decision‑maker is also the one who cares deeply about security. The next four questions that must be answered are:

• How critical is the data (both organizational and customer data)?
• How critical is the availability of the product or service (availability is defined below)?
• Does the organization need to comply with any laws or industry regulations?
• And finally: How important is the organization’s reputation?

The process of answering those questions is called risk assessment. This can be done by the business owner and does not need to be done by a security professional.

While advanced steps like threat modeling and quantitative risk assessment are best left to professionals, an initial review offers crucial insights into future challenges and better prepares teams for expert collaboration. Now, let's explore those four questions.
​
First, review the available data—whether organizational, customer, or both—to determine its criticality to ongoing operations and to customers. If the business cannot continue operating once such data is lost or stolen—for example, payment data, healthcare records, or deal records—the answer to the first question is the data is critical, and adequate controls must be designed and implemented to protect confidentiality and integrity of the data.

The good news is that in many cases there are some laws or industry regulations that protect critical data, for example, Payment Card Industry Data Security Standards (PCI DSS) for payment data, or HIPAA for healthcare records, or General Data Protection Regulation (GDPR) for personally identifiable information (these regulations can help answer question three about compliance). But that’s not always the case. For example, an organization might store transaction data that is not classified as sensitive under the regulations above but is, in fact, sensitive because it reveals extensive information about customers and business activities. The lack of regulation in a particular business area does not mean the data is not attractive to hackers.

Question two is also partially about the data but different aspects of it: availability. At this stage, it is crucial to understand the impact on the business if service to customers cannot be maintained and to define the maximum tolerable downtime. When a Service Level Agreement (SLA) exists with customers, this task is going to be simple as the required availability is typically defined therein. In the absence of an SLA—or when downtime parameters are not defined—the required availability should be estimated based on common sense. To clarify, examples of threats to availability include Distributed Denial of Service (DDoS) and ransomware attacks. Both can cause short or long-term downtime, so when continuous service is essential, adequate controls must be implemented. However, if the data is readily restorable—for example, statistical records that can be rebuilt from other sources—it may be acceptable to go easier on security protections.

One important tip: note that the attack vectors (and therefore corresponding security controls) are different when it comes to protecting confidentiality and availability of the same data. For example, a sophisticated Data Loss Prevention (DLP) system can protect against information leaks, preventing attackers from exfiltrating data. But ransomware attackers don’t care: need the data itself. What they do is delete the original data, replace it with an encrypted copy, and demand payment for the decryption key.
Question three on compliance—previously discussed briefly—if the data and environment fall under any relevant regulations, qualified assistance is recommended for two reasons: a formal assessment and certification process will be required, which is not trivial. More importantly, compliance requirements don’t appear without reason: the data must be valuable to hackers, making the business a desirable target that is worth it to spend significant efforts and resources to break into their premises.

Finally, the reputation question. Although protection company reputation seems to be obvious, it is amazing how many business owners ignore it. Even low‑profile data that can be easily restored may still be targeted by attackers for various reasons, sometimes just for fun. Suppose attackers breach a development environment containing no production data, steal the contents, and publish them on so‑called data leak or shame sites. Although the stolen data may have little intrinsic value, the mere fact of the breach can lead existing and potential customers to assume that their production data is equally vulnerable. 

Getting started with cybersecurity doesn’t require perfection—just informed, intentional steps. By asking the right questions early, a solid foundation can be built to protect the business, its customers, and its reputation.

This essay originally appeared in the RSA Conference Blog

Bitcoin recently celebrated its 16th anniversary with an all-time high price. One of its big promises among others was revolutionizing the way we pay for day-to-day purchases such as groceries. Crypto enthusiasts actively promoted moving away from plastic cards—which were conceived in the 1950s and increased consumer dependency on banks—to modern, cyber-friendly methods that allow independence from centralized financial institutions. But when you approach the checkout lane in your local grocery store, you won’t see a “pay with crypto” sign.

Merchant Challenges
It’s often argued that merchants are conservative about adopting new technology, and this is partly true. The main reason for that is low net profit margins that don’t leave a lot of room for experimentation and investments in costly hardware and software. But that’s not the reason, or at least not the only reason for mainstream merchants not offering crypto payments. If we look at other new tech such as artificial intelligence (AI), which is younger than Bitcoin, we will see that AI tools are being enthusiastically embraced by many retail chains. So why isn’t crypto so fortunate? 

Merchants follow the technological trends for one of two reasons: operational cost reduction or demand from customers. The ideal situation is when a new tech provides for both, but this would be rather a rare, lucky case. Examples of technologies that represent both cases and a combination of them are self-checkout lanes, Apple Pay feature, and automatic product recognition respectively.

Self-checkout lanes dramatically reduce retailer costs by requiring only one attendant to oversee multiple stations instead of employing several cashiers. Apple Pay, on the other hand, came as a trend from buyers requesting wider support for their favorite gadgets. AI-based systems like automated product recognition are both convenient for the buyers and reduce the average checkout time for merchants.

Customer Incentives
Unfortunately, crypto payments still can’t find their place balancing between the merchant cost efficiency and customer demand. For retailers, they introduce hurdles like regulatory compliance uncertainties and require investments in implementation, maintenance, and security. From the consumer side, the overall demand is low as the percentage of mainstream buyers who want to pay with crypto is still relatively small, but there is an even more important factor that prevents customers from actively lobbying for retail crypto payments: lack of financial incentive.

Over a third of transactions at brick-and-mortar retailers--don’t cost the buyer anything, as merchants cover the processor fees for credit card payments. Moreover, most credit card users benefit from paying by credit card as they get cashback from the bank that issued their card--up to 5% of the total transaction amount. In contrast, crypto payments often require the sender to pay network fees, which can fluctuate widely depending on network congestion. And even if a merchant decides to cover that fee, which will significantly increase its transaction cost while making it unpredictable because crypto fees are fluctuating, they will never be able to compete with cashback incentives.

The banks have a huge resource to pay out those cashbacks not just using the transaction processing fees paid by merchants but with endless late fees and interests on credit card balances paid by the cardholders themselves. Merchants and crypto payment processors can’t compete with banks in this area. They don’t offer credit to customers and, therefore, can’t offset costs through interest and late fees to fund large incentives. Nevertheless, from the point of view of the average consumer, credit card payments still look financially more attractive than crypto payments.

The Privacy Advantage
If there is a light at the end of the tunnel, it should come in the form of a unique benefit that crypto payments can provide to consumers that banks can’t. Could privacy be the key to unlocking widespread crypto adoption?

Formally, credit card transactions are considered private, but in reality, it is courtesy of several companies such as payment processing bank--the one that works on the merchant side --and an issuer bank--the one that gives you the cards and sends you the monthly statements. These corporations are heavily regulated and their databases are vulnerable to cyberattacks. So, information about your transactions can either be subpoenaed by government organizations or stolen by hackers.

Crypto transactions offer enhanced privacy because they are processed on decentralized networks, removing the risk of centralized data breaches and possibility of disclosures to any third parties. There are also privacy-focused cryptocurrencies such as Monero that, unlike Bitcoin or Ethereum, completely protect transaction history from anyone except for the wallet owner. 

While freedom from interference is still not a big concern for many people, as our lives shift into cyberspace, we become more aware of the importance of privacy and, the benefits of crypto payments may become evident to a critical mass of consumers, justifying any cost differences. This shift could occur sooner than we expect.

This essay originally appeared in the ​IEEE Spectrum magazine

Pavel Durov, the founder of the chat app Telegram, was arrested in late August in France on charges that the company hasn’t done enough to prevent malicious and illegal activity on the app.

One might be tempted to think that Telegram’s high level of data protection would prevent it from effectively addressing malicious activity on the platform: If Telegram can’t read their users’ messages, they can’t spot lawbreakers. Founded in 2013, Telegram has positioned itself as a privacy-focused, secure messaging platform that prioritizes user freedom and data protection. Durov has emphasized his strong commitment to privacy and free speech. In a tweet about the arrest, Durov wrote “Our experience is shaped by our mission to protect our users in authoritarian regimes.”

However, a closer look at the platform’s technology shows that privacy on Telegram is, at best, fragile.
First, while the Telegram’s client-side code was made open source, the server-side code was never opened to the public. This violates a widely embraced idea in cryptography known as Kerckhoffs’s principle, which states that everything in a cryptosystem should be public knowledge, except for the secret keys themselves.

Because the server code is closed source, there is no guarantee that Telegram does not just retain information forever.

While client code, which runs on users’ devices, is responsible for implementing private chats through end-to-end encryption, the server code, which runs on Telegram’s proprietary data centers, could do a lot of things that privacy-focused software is not supposed to do—for example, it can collect metadata, which includes statistics on user activities and geolocations, monitor and even eavesdrop on non-encrypted conversations, and report the information to third parties such as intelligence services or commercial corporations that could misuse it. Because the server code is closed source, there is no guarantee that Telegram does not just retain this information forever. If Telegram does, they could report that information when officially requested by someone, or even worse, provide an opportunity for hackers to leak it, even after you think you’ve deleted it.

Second, even Telegram’s approach to encryption on the client side is not optimal for privacy-focused software: Telegram’s communication is not encrypted end-to-end by default.

Most online communication these days is encrypted, which means that the text you send from your browser to some website is not going through the Internet as clear text, as cryptographers call it, but encrypted—typically by the encryption standard called Transport Layer Security (TLS). While there are benefits to TLS—it encrypts network messages to prevent listeners to the Internet traffic from eavesdropping on the data being transmitted—there is also a downside. The data is encrypted only when it is transmitted over Internet routers, but it is decrypted by intermediate servers—for example, by the Telegram servers. This means that Telegram can read and retain all your conversations.

Telegram inexplicably claims to be “way more secure” than WhatsApp, without offering any proof or reasonable justification.

Unlike TLS, end-to-end encryption ensures that the data is encrypted and decrypted using unique encryption keys that are known only to the sender and the recipient. For example, your chat message is encrypted inside your device, a mobile phone or laptop, and sent in its encrypted form through all the servers, including Telegram’s servers, and decrypted only at the other end—inside the recipient’s device.
End-to-end encryption by default would guarantee that Telegram cannot read your messages under any circumstances. In the case of end-to-end encryption, even the fact that the server source code remains proprietary should not affect the security of the encryption because the servers don’t know the encryption keys.

Yet because Telegram’s end-to-end encryption is not enabled by default, many users may overlook this fact, leaving their communications vulnerable to interception or eavesdropping by Telegram personnel, intelligence services, or hackers. In contrast, another popular messaging service, WhatsApp, not only has end-to-end encryption enabled by default but also extends it to group chats—something Telegram lacks entirely. Despite this crucial difference, Telegram inexplicably claims to be “way more secure” than WhatsApp, without offering any proof or reasonable justification.

It is also important to note that even end-to-end encryption does not prevent Telegram from collecting metadata, meaning that even though the text of your messages cannot be read, one can still see when you sent the message and who the recipient is.

Since the server code is not open source, we don’t know how Telegram manages metadata. Even with end-to-end encryption protecting the content of messages, metadata such as the time, geolocation, and identities of users can still be collected and analyzed, revealing patterns and relationships. This means that metadata can compromise privacy by exposing who is communicating, when, and where—even if the messages themselves remain encrypted and unreadable to outsiders.

Third, for both end-to-end encrypted and standard chats, Telegram uses a proprietary protocol, called MTProto. Because MTProto is proprietary, the full implementation is not publicly available for scrutiny. Proprietary protocols may contain undisclosed vulnerabilities. MTProto has not undergone comprehensive independent security audits comparable to those performed on open-source protocols like the Signal Protocol (which WhatsApp also uses). So, even for so-called secret chats, there is no guarantee that the implementation is secure.
These technical shortcomings have real-life consequences.

Freedom of speech and privacy are fundamental human rights, but we should be careful about how we use the tools that promise to preserve them.

Telegram was blocked in Russia in April 2018 after the company refused to comply with a court order to provide Russian authorities with access to encryption keys, which would have allowed them to decrypt user messages. Despite the ban, Telegram remained accessible to many users in Russia through the use of VPNs and other circumvention tools. In June 2020, Russian authorities suddenly lifted the ban on Telegram. Russia stated that the decision was made in light of Telegram’s willingness to assist in the fight against terrorism by blocking certain channels associated with terrorist activities, although Telegram continued to maintain its stance on user privacy.

But in 2023, Russian opposition activists reported that their messages, although sent through secret chats, had been monitored and read by special forces, which led to their arrests. Telegram suggested that Russian authorities could have gotten access to the chats through a phone-hacking tool like Cellebrite, but the holes in Telegram’s security make it impossible to know for sure.

The struggle between privacy and governmental control is ongoing, and the balance between safeguarding human rights and national security remains a contentious issue. Freedom of speech and privacy are fundamental human rights, but we should be careful about how we use the tools that promise to preserve them. Signal and WhatsApp, unlike Telegram, both have end-to-end encryption enabled by default. In addition, Signal open-sources both the client- and server-side code. This allows security researchers to review the code and confirm that the software is secure and does not conduct surveillance on its users. A full open-source approach would also ensure that private chats are designed in such a way that they cannot be compromised.

Telegram does not offer significantly better privacy or security than average communication services, like Facebook Messenger. When it comes to the niche of truly privacy-centric products—where Telegram is trying hard to position itself—it’s doubtful that Telegram can compete with Signal or even WhatsApp. While even those two aren’t perfect in terms of privacy, they both have a leg up on that self-professed privacy stronghold Telegram. 

My latest article published by the RSA Conference Blog: “Why Mainstream Retail Crypto Payments Still Don’t Exist.” I delve into the security, privacy, and regulatory challenges preventing widespread adoption of crypto payments in mainstream retail. 

As cryptocurrencies gain popularity and their valuations soar, it’s essential for the cybersecurity community to understand why their adoption in everyday transactions remains limited. The article delves into factors such as regulatory uncertainties, high implementation costs for merchants, lack of consumer demand, and the stronger financial incentives offered by traditional payment methods like credit cards.

Importantly, the article also discusses how the unique privacy benefits of cryptocurrencies could drive future adoption. As concerns over digital privacy grow, these advantages may become significant enough to prompt a shift in consumer preferences and merchant offerings.

#Cryptocurrency #CryptoPayments #Bitcoin #Blockchain #RetailTech #Cybersecurity #Privacy #DigitalPayments #FinTech #RSAConference #CryptoAdoption #PaymentSolutions #DataSecurity #TechTrends #Security

This article was inspired by my recent experience at the Black Hat and Defcon cybersecurity conferences. Quantum computing and post-quantum cryptography emerged as major topics, more prominently than ever before. One can say that this is because of the anticipated release of the NIST standard for post-quantum cryptographic algorithms which officially happened immediately after the conferences concluded. However, this release might be just the tip of the iceberg, with significant developments likely hidden from public view. Now, let’s start from the beginning and define what quantum computing is and why we should pay attention to it when it comes to a conversation about payments. 

Unlike traditional computers, which use bits with value 0 or 1 as their elementary building blocks, quantum computing uses so-called qubits, which in addition to regular zeros and ones can enter a special state called superposition. There are special algorithms that use superposition to dramatically speed up calculations which can take forever for regular computers, even supercomputers. One such algorithm, Shor’s, claims the ability to crack public key encryption by solving the problems of factoring large integers and discrete logarithms, which are foundational to Rivest Shamir Adleman (RSA) and Elliptic Curve Cryptography (ECC). I say “claims” because Shor’s algorithm has been theoretically proven and experimentally demonstrated on small quantum systems, but it has not yet been fully realized on large-scale quantum hardware capable of challenging current classical cryptographic systems.

Unfortunately for mathematicians, and fortunately for all of us, quantum computers are not powerful enough yet to execute Shor’s on a full scale sufficient to crack real RSA or ECC keys. But the threat is that such a development could happen at any moment. Remember what happened just less than two years ago with the first release of ChatGPT by OpenAI? Everyone was talking about AI, but no one was expecting a real-life application that can do much more than just chatting. That moment was rather a revolution than evolution. Why should we assume that the same cannot happen with quantum computing?

There is one important difference however between quantum and AI. Companies such as OpenAI are motivated to do a fast release of their work to the public as this means more investment and revenue for them. Quantum computers, however, are not as directly tied to public engagement. National governments and their intelligence services may be even more interested in developing quantum computers than private corporations, and if they do such development and get good results, they will not necessarily publicize their achievements. Instead, they might try to exploit first and crack public communications, cryptocurrencies, and other technologies.

How Is This Applied to Digital Payments?

The first concern is cryptocurrencies, which rely entirely on public key encryption algorithms for security. If Elliptic Curves were cracked today, this would be an immediate crash of Bitcoin, Ethereum, Monero, and hundreds other crypto. All three aforementioned crypto networks, and their numerous forks and mimickers, are based on different flavors of the same ECC. The moment Shor’s algorithm is successfully executed on real keys, the value of most cryptocurrencies could plummet to zero. But if the crackers decide to not make the discovery available to the public, they might first benefit from the ability to crack particular crypto wallets with large amounts. 

But what about traditional payment technologies, like plastic cards, which still account for the majority of processed payments? The plastic payment card industry relatively recently made a full transition to EMV, also known as chip and pin, standard, which means that every payment card has a chip that is supposed to protect cardholder information and transactional data. Guess what is used to protect that data - correct, public key encryption. In EMV, public key encryption algorithms such as RSA and ECC are employed to secure the data exchange between the card and the payment terminal. This ensures that even if the data were intercepted, it would be virtually impossible to decipher without the corresponding private key. One might assume that old magnetic stripe payment cards, with unencrypted data, are safe from cryptographic attacks. While magnetic stripe cards lack encryption, many legacy payment applications and online payment systems still rely on Transport Layer Security (TLS) to secure communications. These applications would be inherently vulnerable to quantum attacks.

However, there is some good news too. Many modern payment systems use a technology called point-to-point encryption (P2PE), when the sensitive cardholder data is encrypted within the card reader device and decrypted only at the payment processor (bank). The most prevalent encryption scheme in P2PE is called DUKPT (Derived Unique Key Per Transaction) which uses symmetric ciphers such as AES (Advanced Encryption Standard). Symmetric algorithms are much more resilient to quantum attacks compared to public key encryption. There is an algorithm called Glover’s that speeds up the brute-forcing of AES ciphers and reduces its security by two times. So, if AES uses a key with 256-bit length, its actual security will be reduced to 128-bit, which is still considered fairly secure today.

​In conclusion, the advent of quantum computing poses a looming threat to the security foundations of both modern and traditional payment systems. While we may not yet be at the precipice of a cryptographic apocalypse, the potential for a sudden quantum leap in computational power demands immediate attention and preparation. Cryptocurrencies, as well as the broader financial industry, must begin transitioning to quantum-resistant algorithms to ensure the continued security and trust of digital and traditional payment systems alike. The time to act is now, before the quantum future becomes our quantum present.

Excited to share that my article on Telegram’s security just got published in IEEE Spectrum magazine!
​I dive into the encryption methods Telegram uses and what it means for user privacy. 

Check it out here:
​spectrum.ieee.org/telegram-security

Also available on Apple News:
https://apple.news/AZbr4b1SmQPSZWzEXg6ZDeg

​#Cybersecurity #Privacy #Encryption #Telegram #IEEESpectrum

’m pleased to announce my participation as a speaker at the 15th NextGen Payments & RegTech Forum on December 10-11, 2024, in Austin, Texas. I will be part of a panel discussion on “Blockchain and Cryptocurrency Adoption,” where we will discuss the current and future impacts of blockchain technology on financial systems.

During the panel, I’ll share insights from my experience in developing blockchain-based payment solutions and my work in payment security. The discussion will focus on both the challenges and opportunities businesses encounter when adopting these technologies.