Data Immutability for Financial Services - Blockchain is Not Enough
In our data-driven age, it’s vital that organisations can trust in the veracity, completeness, timeliness, and quality of the data they use. This is because the outcomes of digital systems are often only as good as the data that feeds them. How can data immutability help?
In financial services, the immutability of data is particularly important, because even small changes to data can render systems inaccurate. Recently, blockchain has been presented as the technology to achieve data immutability. The case has been made for blockchain both as the ledger of truth for financial services and as a driver for operational resiliency. But is blockchain really the silver bullet that many people claim it to be?
To ensure data immutability, ledgers need to overcome three big challenges:
- Data corruption. In some implementations, data corruption can replicate across multiple nodes and therefore into organisation’s backups. This makes it difficult for firms to understand their recovery point objective (RPO) because they first need to understand at what point the corruption took place.
- Cyber-attack. Firms may struggle to understand exactly what data has been exfiltrated or altered following a cyber-attack. They will need to undertake painstaking work to map these changes and resulting impacts, which has implications for their recovery time objective (RTO) and RPO plans. After all, in the world of financial transactions, you can’t simply unwind every debit/credit transaction that occurs after the point of tampering.
- Insider threat. While the risks here are similar to those associated with cyberattacks, insider threats also leave open the possibility that logs have been tampered with (while external cyberattacks can lead to log tampering it’s less common than with internal attacks). If the log data is corrupted, how can organisations prove their data is correct?
Building immutability into ledgers
Traditionally, financial services ledgers have not been immutable and that’s why blockchain has proved so exciting. Blockchain ledgers are, by definition, immutable, and the technology therefore has real promise as a tool for proving that data is accurate and that it hasn’t ‒ or even better that it can’t ‒ be tampered with.
However, while a traditional approach to blockchain solves the issue of immutability, it presents a few others. Here’s just a few:
- The integration overhead (cost and lines of code to maintain)
- Underlying infrastructure requirements
- IT support considerations (people, process, and technology)
- System performance considerations (will it be quick enough?)
- Data residency (where is the data being replicated?)
These challenges shouldn’t be downplayed, as they render blockchain a non-starter for any high-volume transactional system that spans several legal jurisdictions.
For example, to enable cross-border payments using a traditional blockchain solution, the organisation would need to establish nodes across the different jurisdictions in which it wishes to transact payments. While the nodes would deliver resiliency, and the blockchain solution immutability, the system would nevertheless be impractical. This is because the distance between the nodes would introduce latency and raise issues around data replication and residency. There have already been cases inside and out the financial services sector where regulators demand full transparency of a cross-border system.
A database-first approach
If traditional blockchain is a non-starter, how can financial services organisations solve the challenge of data immutability? The answer lies in a database-first approach. There are a few reasons why databases make sense for financial services organisations including:
Databases are well suited to high-transaction throughput and data storage
Database technology is proven, with decades of success
Microsoft’s in-memory Azure SQL tables make databases unbeatable in terms of performance
Databases with micro-service-based architectures are ideal for systems that deal with high transaction volumes
Database technology now also includes nodal and high-availability concepts
Smart implementations ensure data residency, even for cross-border solutions
But what about immutability? How can organisations ensure that the data stored on their databases is accurate and that it hasn’t been tampered with? This is where blockchain can play an important role. Rather than trying to make the primary data store immutable, organisations can use immutable ledgers like blockchain to verify the accuracy of the database. The approach effectively combines the benefits of a database with the best that blockchain has to offer.
A study in immutability
This approach can be achieved through solutions like the Microsoft Azure SQL Database Ledger. In this system, the data captured is also asynchronously backed up into a blockchain implementation. The strength of this approach is that it ensures that the blockchain does not adversely affect the performance of our systems ‒ the blockchain sits in the background building out the immutable ledger while the database carries out the heavy lifting of our transactional systems.
The ledger can also build digests, which are also inherently immutable as they are stored and accessed within an Azure immutable storage. The digest can then be verified against the data held within a database by running a simple Stored Procedure. The output confirms that the data within the database is accurate and that it hasn’t been tampered with. The great immutability challenge is thereby solved.
This can also solve data residency issues through the solution by taking a distributed approach to data storage, where each jurisdiction within an organisation runs its own Azure SQL Database Ledger. Each ledger instance is kept to its respective jurisdiction, and so too is data residency. The immutability of the data within these ledgers are also showcased to central banks and regulators by providing a portal view to the digest verifications that it runs.
The best of both worlds
The approach is simple, elegant, powerful and solves the challenges of performance, residency, technology, and immutability that many financial services firms still struggle with. Blockchain is a great technology, but alone it isn’t enough to ensure immutable data. Rather, blockchain should be used to do what it does best, prove data integrity, alongside the database technology needed to deliver transaction volumes at scale.
This article was originally published by Andrew Smith on his blog. You can find it here.