Digital Currency vs. Credit Cards

“Company X hacked. Thousands of credit cards compromised.”

This headline has become all too common, affecting retailers like Home Depot and Target. If you’ve ever been a victim of credit card fraud—like I have—you know it requires significant effort to get everything back to normal. It would be nice if companies’ internal controls were better at protecting your credit card information so you didn’t have to go through that mess. It would be even nicer if there was nothing to steal in the first place.

Wait, what? Nothing to steal? How would I shop and pay online if there was nothing to steal? Someone has to have my credit card number, right?

The human race is quite intelligent, coming up with amazing solutions to complicated problems on a daily basis. In fact, some say a solution to this very problem has already been found. Digital currencies such as Bitcoin, Ripple and Litecoin can be transferred without divulging any information that compromises the security of your remaining digital currency. Said another way, you can pay someone with digital currency without providing any information that allows them to take more than what you intended to send to them. Even if a thief intercepts information about that transaction, it’s useless. In fact, every piece of information about every transaction ever transmitted on the Bitcoin network is publicly available to anyone who wants to see it. The reason this is possible is the same reason you feel safe when you browse a secure website—you know, the ones with the https: prefix and the little lock icon? It’s called public-private key encryption, and the idea is everyone can see your public key, but you keep the private key to yourself. You then use your private key to digitally sign transactions similar to the way a website digitally signs their certificates, which is how websites prove to your browser that you’re on a secure connection.

But what happens if someone hacks my computer and steals my private keys?

Well, then you’re out of luck. That person has effectively stolen your digital currency. However, you can take measures to help prevent this. One of the most secure methods involves using an offline computer that never touches the Internet, which acts as the “signing authority” part of the payment process. But, for the everyday user, this is cumbersome and impractical. Hardware wallets, which simplify this process by replacing the offline computer with an offline gadget small enough to fit in your pocket, make this process much easier and may represent the solution that makes digital currency both secure and accessible for the average Joe.

By using digital currency rather than credit cards, you reduce the points of potential failure to one—from you and all the companies that maintain your credit card number to just you. Furthermore, a single company holding thousands of credit cards is a lot more appealing to hackers than an individual holding a few digital coins. Of course, a hacker could choose you, but do the math on that likelihood. Better yet, do the research and keep most of your digital currency offline, where the threat of a hacker is less likely.

avatar

Tom is a senior managing consultant with BKD’s Forensics & Valuation Services team. He has provided fraud investigation, litigation support, computer forensics, data mining and business valuation services. His experience includes managing large forensic accounting, fraud investigation and data mining projects.

Tom Haldiman – who has written posts on BKD Forensics.


Leave a Reply

Your email address will not be published. Required fields are marked *