Title: Decentralization in COTI payment network, KYC/AML and Trust Score cases Post by: COTInetwork on March 29, 2018, 02:31:15 PM Written by Anton Suslonov (https://www.linkedin.com/in/anton-suslonov-558587103/), Data Scientist, specialist in deep learning, neural networks and natural language processing.
This Monday, April 2, 2018, we will host a live AMA with Anton about decentralization in COTI payment network, KYC/AML and Trust Score cases. We will discuss the influence of those issues on the future of online payments. The AMA will take place on COTI’s telegram group (https://t.me/COTInetwork) from 4:00–5:00 pm (+2 GMT). COTI Tech Team Imagine the world 20 years from now. How will people pay for goods and services? The world will not be using coins, cash, cards, and cheques anymore. The world will all be using electronic money also known as digital currencies, which are faster and easier to use, bringing economical freedom to society. In this article, we will be discussing types of networks and their features. COTI Tech Team Any type of electronic money or other means of payment are stored in some kind of a network. Each network has a comprehensive set of such networks’ characteristics, affecting efficiency, reliability, safety, the integrity of a payment system. We will be considering three network types (and countless variants and mixed models): centralized network, permissioned network and decentralized network. Centralized Network In the centralized network, all network nodes are connected to a central server, directly or indirectly. The network resources are controlled from the main location. Centralized networks may offer users a high performance, high reliability and extensive set of helpful features depending on the network architecture and quality of its realization. Here we are facing some kind of dilemma: the goals and values of the centralized network authority may differ from uses’. A lot of people prefer not to grant central authority too much control over their data whenever it possible. One more point is durability to focused attacks. Centralized networks, by their nature, usually have vulnerable points what wrongdoers (or natural disasters) can attack hurting network functionality. Malicious actions of the network admins or authorities could be a disadvantage. Centralized networks are usually based on an open source, depriving users of examining the code. The best example of centralized payment system is VISA. It consists of processing centers, member banks, non-member banks issuers, POS-terminals, ATMs, etc. All participants obey very strict rules dictated by the VISA Inc. This payment system is efficient but very expensive. Such systems are hardly open to innovations. For example, smart cards deployment took decades. Distributed Permissioned Network The best example of such type network type is Ripple or IBM Hyperledger Nodes of such network are operating independently, running the same open-source code, while the central authority still controls some critical functions. The centralized functions usually include nodes synchronization[1], promotion, and demotion. Distributed permissioned networks usually demonstrate outstanding performance and stability. However, they are not free from centralized network disadvantages. Sometimes, distributed permissioned networks may be highly efficient to solve specific tasks such as a ledger for international letters of credit or for interbank payments. Decentralized Network Decentralized networks are designed to be free from shortcomings of having a central authority and defined vulnerability points. It is crucial to understand that the Internet itself was designed as a decentralized network, permissioned in some aspects (IP addresses designation, DNS servers). Ideally, the decentralized network is free to join for every user, and its nodes operate obeying users’ opinions only. In Fintech applications, a decentralized network should be designed for all nodes to act honestly and responsibly. This goal is achievable by the mechanisms of consensus. Decentralized networks are free from a central authority dictatorship. The primary challenge is to prevent the whole network failure, caused by attacks. Nodes in a decentralized network need to perform some additional work to attend the consensus. COTI is a decentralized payment network aiming to be efficient, quick and robust. Moreover, COTI is a highly parallel solution. The TrustChain Consensus Algorithm allows Full Nodes to knit their parts of the DAG independently. Nodes are checking each other without wasting time for blocks synchronization. The Double Spending Prevention Nodes are also working in parallel, adding reliability and security to the system without deadlocks and bottlenecks. The system can run smoothly and efficiently by using Trust Score values, equally distributing new transaction along the DAG edge. For this reason, the reliable and predictable Trust Score algorithm is crucial for COTI payment network. This algorithm should be unbiased, and open to the community as well as decentralized to the maximum possible extent. KYC/AML requirements in Decentralized Network KYC/AML or AML/CTF (more common in US law) is a strict and sophisticated set of rules gradually introduced by US lawmakers (see USA Patriot Act) and international FATF organization. As a part of running straight forward global payments business, COTI would like to be KYC/AML compliant. The above-mentioned regulations are effectively limiting the use of cash money in settlements. According to SEC and CFTC, “market participants should treat payments and other transactions made in cryptocurrency as if cash were being handed from one party to the other.” From another point of view, competitive cryptocurrency platform should work without any intermediary parties and be decentralized by architectural design. Real payments cryptocurrency has to incorporate KYC/AML procedures into the core network functionality, just as COTI intends to do. For this reason, we need to define how the provider of KYC/AML procedures can work in a decentralized network. Initially, the critical point of KYC/AML is identification and proof of residence. It means that a provider has to process and collect real-world documents and offline confirmations. Additionally, these documents are sensitive. Having a copy of someone’s ID, residence data, the source of funds info, a malicious person may try to steal an identity or even plan to commit a violent crime. These documents also contain personal data what entails additional law requirements in many countries. Thirdly, the procedures implemented by the provider should be efficient and law compliant. It may require certification of officers or people responsible. Addedly, the provider should collect and analyze the payment data to check user’s activity . The provider should be online all over the clock. Currently, COTI network provides KYC/AML procedure service for itself by using KYC/AML servers. These servers are dedicated to supplying the network with the information about KYC/AML procedures.These servers do not store the information about payment transactions and access to wallets. In COTI network, KYC/AML servers will store user’s data after evaluation in the cold storage. This cold storage will be unavailable for direct access from the network excluding any possibility of a hack. As an option for the future, Full Nodes can easily turn off KYC/AML feature. Trust Score in COTI decentralized network Real world documents containing personal data require to be stored in the protected facility. The additional challenge is uniformity: payment system participants should not be able to turn the algorithm for their own benefit. Any lack of consistency here can destroy the efficiency of Trust Chain Consensus. Our decentralized solution to this challenge: In COTI payment network, the Trust Score Node receives an evaluation data from the KYC/AML server .The node does not have access to users’ personal data. This feature allows Trust Score Nodes to be operated by users. A user running the Trust Score Node will earn money from it. Thus, the Trust Score Nodes operators will have material liability and incentive for fair play, excluding possibilities of malicious tuning of the Trust Score algorithm. Comparing Trust Scores assigned by different nodes to the same user, the network will be able to detect any fraud attempt. While the Trust Score Algorithm will be trained and tuned, the Trust Score Nodes will be operated by COTI. We estimate that the Trust Score Nodes may be run by users then the network will be business-ready. ... WE REMIND YOU ABOUT LIVE AMA WITH ANTON ON APRIL,THE 2nd on our telegram group (https://t.me/COTInetwork). Don’t forget to prepare your questions !The AMA will take place from 4 pm — 5pm ( GMT + 2). https://i.imgur.com/uPYVcNS.png https://i.imgur.com/LDAcMgN.png https://i.imgur.com/izXBen0.png https://i.imgur.com/kzC1EMY.png https://i.imgur.com/zJIemCQ.png https://i.imgur.com/csSrUDf.png Talk with us on Telegram (https://t.me/COTInetwork) Official Facebook (https://www.facebook.com/COTInetwork/) Official Twitter (https://twitter.com/COTInetwork) Official Reddit (https://www.reddit.com/r/cotinetwork/) Official Youtube Channel (https://www.youtube.com/channel/UCl-2YzhaPnouvBtotKuM4DA) COTI Group (https://https://www.linkedin.com/company/coti-ltd/) |