Why are banks terrified of using bitcoin?

(This article originally published on my blog.)

It’s strange. All of the banks I work with are looking at blockchain. They’re working on use cases, preparing pilots… and almost systematically I hear the same story. “We won’t use bitcoin.” or “We have decided not to use the Bitcoin network.”

It almost feels as if bitcoin and its Bitcoin protocol and network are off limits to banks. It almost feels like in the 1990s when internet came around and all the banks were afraid to use it… and were all still strongly intent on remaining on their X.25 or Token Ring networks.

Yes, with internet, you see the source IP and destination IP… and you see the packet go through the whole world. Originally it was felt as terribly insecure, unreliable (despite of the design principles of the IP stack so that it can survive failures of nodes in the network and still route from point A to point B).

If you look at it closely, the Bitcoin network… you see the source address of somebody doing a transaction, and the destination address (those are actually publicly accessible by everybody on sites like http://blockchain.info/). You also see the exact transaction that is being made. But, as an analogy to the internet, where you can use cryptography to hide the actual meaning of the packet sent, with Bitcoin, you can associate whatever meeting you want to a transaction (for example through tokenisation)… Say you want to prove ownership of a document, you can make a hash of that document, and send a small amount of money to the Bitcoin address that the hash makes up… and then you can at a later day, through finding your transaction back with sites like http://blockchain.info/ prove that you had access to that hash at the specific date the transaction was made). This is what the Satoshi Proof application does.

It’s even possible to build a completely decentralized network of distributed web sites using only the blockchain as addresses to connect to each site. This project is called ZeroNet. It’s not stored anywhere specific (it’s distributed totally among machines connecting to it). Because of that, it cannot be censored. It’s always accessible (the Bitcoin network has zero point of failure). And it has no specific hosting costs. Sites are served by all the visitors… Kind of likeFreenet, but instead of using generic hashes for finding sites on it, addresses are actually Bitcoin addresses. The other difference… documents aren’t stored encrypted. Unlike Freenet. It’s all clear and open. Like the Bitcoin blockchain.

And the Bitcoin network is perfectly well design to provide resilience by redundancy like the internet. You don’t have to trust any machine in the network to be able to trust that the whole network will process your transaction in a trusted way. This is due to how the Bitcoin protocol is designed. Pretty much like, with internet, the routing protocol is designed so that if the route initially planned to reach point A from point B has a node that breaks down, dynamically a new route is calculated and packets will still reach point B, but through a different path. You don’t have to trust every node between point A and point B to be up for the packets to go through.

So what is terrorizing the banks?

Often they hide behind the “it’s not regulated” posture. Then again, nobody regulates the internet (there are governing bodies… but no state regulates what is allowed or not on the IP network stack that makes up the communication protocol of the internet). If you look at a blockchain, a database made of chained blocks of data, no state on the planet regulates the concept of databases. There are some things you have to be careful putting in place? In Europe you have to be careful were you store personal data… But that’s not really a database regulation, it’s a privacy regulation. They are not saying what kind of database solution / architecture you may or may not use to store personal data… just what you can do with that data once it’s stored somewhere (in whatever form).

I think the actual reason is that they are afraid of the reputation of Bitcoin. They think that by leveraging the Bitcoin network or the bitcoin currency, they will be associated with the perceived sole users of this, the criminals selling forbidden goods on the dark net and its collection of dark web websites. Banks are so afraid of that association that in some countries (Switzerland is such a case), if you create a startup that works using bitcoin, and you want to have your bank account (not in bitcoins, but in, say Swiss franks), it is extremely hard (if not impossible) to find a local bank that will accept to be your bank. They are too concerned with being associated (even from far — they aren’t storing bitcoins or doing bitcoin transactions — just being the bank that serves) with a company that for their business, somewhere else in their processes, uses bitcoins.

So what are they doing? Well… They are turning to alternative blockchain provides. Ripple, Stellar,Ethereum/ConsenSys, Chain… Or even looking at building their own blockchain platform (with the works of the Linux Foundation to create an open source blockchain platform).

Unfortunately, this has some inconvenients…

First, using a private blockchain, a permissioned blockchain, defeats the purpose of security by volume which you get with Bitcoin. It’s close to impossible (as a security specialist, I never say impossible when it comes to security) to break the security model of the Bitcoin network. It was designed to be trusted even without trusting significant numbers of hosts. Actually to be sure to be able to insert fraudulent transactions into the Bitcoin network, you’d need to bring in about the same number of nodes to be sure to always have majorities for reaching consensus. Not feasible with the hundreds of thousands of nodes currently running on the Bitcoin network. With a permissioned network, you have to trust a security controler (which in turn becomes a single point of attack, a valuable target that you need to protect extremely well — raising the risk factor).

Second, using another permissionless network, like Ethereum. This is a great idea. But most likely for the wrong reasons. Ethereum is a fantastic network. Permissionless. But its interest resides in the fact that it enables things like smart contracts. This opens up a whole new set of possibilities of automated processing, distributed autonomous organisations like Slock.it. But it’s certainly not going to change the reputation. Ethers (the digital currency attached to the Ethereum network) has value. So it was bound to happen that you start seeing crooks offering illegal goods and asking to be payed in Ethers. This is today the case. You can buy your own attack bot / trojan and pay it in Ethers. You can find it on the ZeroNet I mentioned above.

So banks are terrified of bitcoin… for all the wrong reasons… and looking at alternatives that won’t help with those reasons.

It’s time to open up your eyes. Think back to 1994 (for those of you who were already there) and when internet started being available for commercial use. Think how everybody was afraid to use it for production. And look where it is now.

Well, the banks that start using the Bitcoin network and bitcoin currency today are those that will be the first to reap the benefits of what these tools provide, just like the first banks to build home banking sites and internet based network architectures were the first to reap the benefits of offering new products to customers and lowering their infrastructure costs.

So, as a bank, when will you realize that you too can reap the benefits of the Bitcoin network?

(Link to original article.)

Show your support

Clapping shows how much you appreciated Gilles Gravier’s story.