Homomorphic Encryption for Cross-Border Computation

The Center for Effective Global Action (CEGA)
May 9, 2024

Privacy Enhancing Technologies (PETs) are at the forefront of efforts to protect privacy and enable responsible data use. But what are they and how are they used? Dan Cassara, former Project Manager for the Digital Credit Observatory (DCO), provides a case study of how PETs can be used to enable better financial lending practices across countries in the third part of our series on ‘How PETs Make Data Work for All.’

Read parts one and two. Learn more about PETs in our Data Privacy Lab.

Credit: Maksym Yemelyanov via Adobe Stock

According to GSMA’s 2023 State of the Industry Report, it took 17 years for the first 800 million mobile money accounts to register globally, but just five years for the next 800 million accounts. The expansion of other digitized financial services has also accelerated, with the proportion of mobile money providers offering digital credit nearly doubling in the past two years. Though the surge of digital financial services across low- and middle-income countries (LMICs) is well documented, the implications for data protection and compliance have received less attention until recently. This blog post builds on parts one and two in this series exploring how Privacy Enhancing Technologies (PETs) can enable more responsible data sharing for the public good.

Many mobile money providers and fintechs operate in multiple markets. For example, Safaricom, which catalyzed the rise of mobile money by launching M-Pesa in 2007, recently began operating in Ethiopia, its tenth market. Because many fintechs use machine learning algorithms to predict loan repayment and create credit scores for consumers, new markets provide not just growth, but also new data to improve their models. However, new markets can also create regulatory and compliance challenges.

Data Protection Challenges

Regulatory efforts to safeguard data have often included data protection laws: 71% of all nations worldwide have data protection laws, including roughly half of the countries the UN refers to as Least Developed Countries. These laws generally govern what data can be collected, how it is processed, and how it can be shared. In particular, they often limit cross-border data sharing. Kenya, the birthplace of mobile money and a hub for fintech firms in Africa, passed a Data Protection Act in 2019 that states personal data cannot be “transferred outside Kenya, unless there is proof of adequate data protection safeguards or consent from the data subject.”

A fintech aiming to aggregate data from customers in multiple countries to predict consumer behavior may not be able to do so because of these kinds of data sharing restrictions. As a result, it might face higher default rates and pass those costs on to consumers in the form of increased interest rates. Instead, the fintech could turn to homomorphic encryption (HE), which refers to methods for computing on data while it remains encrypted. (Analyzing data has traditionally required that the data be decrypted first, making it vulnerable to hacks and misuse.) In this way, the fintech may comply with data sharing regulations, since the underlying data is never available in plaintext across borders, and still learn from that data.

Using Homomorphic Encryption (HE) to Protect Privacy

To illustrate the idea underpinning HE, consider a scenario before electronic communications where Alice wants to send a secret message to her colleague, Bob, but is worried it could be intercepted. So Alice puts the message in a box, locks it, and sends it to Bob. The message is secure, but there’s a new problem once Bob receives it: he doesn’t have the key. Bob puts his own lock on the box and sends it back to Alice. After she removes her lock and sends the box back to Bob, he can remove his lock and finally access the message. This approach added extra steps, but it ensured that the contents of the box were never revealed to anyone except Bob.

In practice, the secret message is often a desired query or computation, like the total number of transactions that customers initiated last quarter. Suppose there are just two customers who made 4 and 7 transactions, respectively; with access to a list of customers and their transaction histories, it’s a simple task to calculate that 11 transactions were made. But if the bank uses HE to protect customers’ data, the analysis must incorporate a set of procedures to ensure that the encryption, computation, and decryption steps return the correct answer. There are many such systems, but most rely on a pair of public and private keys that are similar to the locks Alice and Bob used to lock and unlock the box — or encrypt the data and decrypt the results — but with a few important differences. First, the data holder (the bank) has both keys. Second, some predefined operations can be performed on the data in the box without ever needing to see inside.

For simplicity, let’s also assume that a given encryption system and public key transform the values 4 and 7 into encrypted values of 31 and 212 (the math can get complex; interested readers should consult the endnotes). When the query is attempted, instead of 4 + 7 = 11, the system, operating on encrypted data, computes 31 * 212 = 6,572 (for technical reasons, 31 and 212 are multiplied, not added; see the endnotes for more info). The encrypted value of 6,572 clearly does not equal 11, but this is expected in the encrypted space. To return to unencrypted numbers, the bank’s system uses a decryption function that relies on the private key. With some hand-waving (see notes), the computer returns the correct answer of 11 to the bank, which never saw the underlying transaction histories.
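The procedure described above, as an added example that is not part of the original post: a toy Paillier cryptosystem, the classic scheme in which multiplying the ciphertexts of 4 and 7 yields a ciphertext that decrypts to 11. The primes and key pair below are constructed for illustration (so the ciphertext values will not be the post’s 31 and 212), and real deployments use 2048-bit or larger moduli.

```python
from math import gcd
import secrets

def lcm(a, b):
    return a * b // gcd(a, b)

def keygen(p, q):
    """Paillier key pair from two distinct primes (toy sizes; real keys are 2048-bit+)."""
    n = p * q
    assert p != q and gcd(n, (p - 1) * (q - 1)) == 1
    lam = lcm(p - 1, q - 1)
    g = n + 1                                    # standard simplified generator
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)  # L(g^lam mod n^2)^-1 mod n
    return (n, g), (lam, mu)

def encrypt(pub, m):
    """Randomised encryption: the same plaintext yields a different ciphertext each call."""
    n, g = pub
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while gcd(r, n) != 1:                        # r must be invertible mod n
        r = secrets.randbelow(n - 1) + 1
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(pub, priv, c):
    n, _ = pub
    lam, mu = priv
    return ((pow(c, lam, n * n) - 1) // n * mu) % n

def add_encrypted(pub, c1, c2):
    """Homomorphic addition: ciphertexts are multiplied mod n^2, plaintexts get added."""
    n, _ = pub
    return (c1 * c2) % (n * n)

def encrypted_transaction_total(pub, priv, counts):
    """Analyst sums per-customer counts without seeing them; only the total is decrypted."""
    total_ct = encrypt(pub, 0)
    for count in counts:
        total_ct = add_encrypted(pub, total_ct, encrypt(pub, count))
    return decrypt(pub, priv, total_ct)

if __name__ == "__main__":
    pub, priv = keygen(1013, 1019)               # constructed toy primes
    print(encrypted_transaction_total(pub, priv, [4, 7]))   # 11
```

Unlike the fixed 31 and 212 in the post, each encryption here is randomised, so an observer cannot tell whether two customers had the same count; the data holder still only ever decrypts the aggregate.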

The Future of HE

The processing power needed to privately analyze data using HE limited real-world applications until recent advances in computing power, but financial services applications are now growing. HE was used in combination with Multi-Party Computation (MPC) to enable data from non-Belgian subsidiaries of a Belgian bank to be used in its machine-learning model, even though EU privacy regulation prohibits the cross-border transfer of this data. Researchers constructed a privacy-preserving machine learning model that did not require any of the underlying data from the non-Belgian subsidiaries to be shared, and all private data remained encrypted throughout the computation.

Industry’s growing reliance on big data and the increasing prevalence of data misuse have led many countries to pass data protection laws. These laws often give people greater control over their data and provide necessary safeguards. The cost is that data sharing — and the learning and innovation it can facilitate — becomes more burdensome, if not impossible. Privacy enhancing technologies like homomorphic encryption can play an important role in facilitating responsible data usage to expand access to financial services and to drive down costs, without sacrificing the data protections that people deserve.

For more detail on how HE works, review this example.

CEGA is a hub for research on global development, innovating for positive social change.