Crypto-Security: BlockSafe Uses Tech We All Know t
Post# of 82672
Cryptocurrency and cybersecurity are at a crossroads. We have all read about huge exchange hacks pilfering gazillions of dollars worth or crypto. Of course, there are the wallet hacks too. As the blockchain / cryptocurrency industry continues to professionalize, defensive measures designed to mitigate security risks must be a priority. No one is going to want to use a wallet or an exchange that has been hacked.
StrikeForce Technologies (OTC PINK:SFOR) is a company providing a service we all know too well. You know when you receive that text message with a six digit code to authentic one of your accounts? That’s a service they can provide. StrikeForce claims it created this technology and patented it years ago. And frankly, its been pretty effective for security but not too lucrative for StrikeForce, as it struggles to keep afloat, according to a recent SEC filing. Getting into the crypto space may provide the lift the company needs.
Earlier this year, StrikeForce announced a new subsidiary, BlockSafe Technologies – designed to provide security solutions for blockchain businesses and cryptocurrencies. At that time, BlockSafe also announced its interest in launching an initial coin offering (ICO) selling BSAFE tokens. While the ICO has yet to launch, BlockSafe says it is nearly ready to launch its cybersecurity services for the booming industry.
Blocksafe estimates that over $9 million is stolen each day from crypto wallets. Add this amount to the billions stolen from crypto exchanges and it is safe to say there is a need here.
CI recently spoke with George Waller, co-founder of StrikeForce and now CEO of BlockSafe. We asked for his thoughts on the pervasive risk associated with the cryptocurrency industry today and for some insight into his company’s plans.
You have been in the online security business for many years. Can you please explain your legacy tech?
George Waller: BlockSafe is a subsidiary of StrikeForce Technologies, StrikeForce has been in business since 2001, StrikeForce is the inventor of two-types of technologies: Out-of-Band Authentication (OOBA) & Keystroke Encryption.
We have received 6 patents so far (three for each of them), we have 4 additional patents pending. Our OOBA platform is extremely robust and unique because we offer three different types of deployments;
1) it can be installed 100% on premise for those companies that want to manage it themselves,
2) a company can utilize our Cloud based service, in which we manage everything,
3) we offer a hybrid deployment whereby the company manages all of their own databases and logins, but they utilize our cloud auth service to facilitate the actually auth process.
Additionally, our platform offers 15 different types of authentication modalities.
The real value of OOB is that a user’s credentials are broken into two, and sent over two separate channels to servers, for the purpose of logging in, or, verifying a transaction.
The IP channel will typically carry a username (and possibly) a password, and the telephony channel, or, push channel (a mobile device) will carry the authorizing credential. Because the users credentials are sent via two completely separate channels, it makes for an extremely secure process, it also eliminates “The-Man-in-the-Middle” attack vector.
Our other technology is keystroke encryption. What we realized is that malware (or spyware) was always going to find its way onto the user’s computer or mobile device, bypassing existing security defenses i.e. anti-virus software. For the last 10 years (or so), one of the favorite malware tools of the hacker has been key loggers, because they can embed it directly into the data-stack and copy all keystrokes as they travel from the keyboard to the application i.e. browsers, desktop apps, VPN clients, etc. What we realized is that the data-stack process needed to be changed, that’s what lead to us building GuardedID.
GuardedID is a keystroke encryption technology that encrypts every keystroke you type, low in the kernel of the operating system (as soon as you type them), then GuardedID reroutes those encrypted keystrokes to your applications via its own encrypted data channel, never allowing your data to go through existing data stack, and because the key loggers don’t have access to our encrypted channel, any key loggers that reside on your device are rendered useless.
How did you decide to get into the crypto space?
George Waller: About a year ago we started looking into the Blockchain and Crypto space because we know that hackers will always go where the money is, we quickly realized that both of these areas could benefit greatly if we modified our solutions to address specific attack vectors and vulnerabilities.
We started looking into the #Blockchain and #Crypto space because we know
You are targeting wallets, cryptocurrency exchanges etc.
Who are you currently working with?
George Waller: We have not launched our products yet. Our CryptoDefender which protects digital wallets is currently just releasing now in beta, we have several wallets and exchanges that have signed mou’s [memorandums of understanding] with us that will be testing shortly.
Our BlockchainDefender product is in development and should be available in Q2/19. We have discussed the capabilities with many private blockchain users and large integrators and they are all very excited to start testing it as soon as it’s available.
What is the single biggest risk to cyber theft in the crypto space?
George Waller: One of the biggest is multi-purpose malware that can steal wallet passwords, key files and change the send-to address in your clipboard.
One of the biggest is multi-purpose malware that can steal wallet passwords, key files and change the send-to address in your clipboard.
Are you integrating into Smart Contracts?
George Waller: We are not integrating into Smart Contracts. Our CryptoDefender is endpoint software which protects Windows, Mac, iOS & Android devices. Our BlockchainDefender is a an agent that sits between your blockchain app and your private blockchain and offers the following: transaction verification, DDOS mitigation, a firewall, a content filter, a rules & roles engine and an API to connect your blockchain to other legacy systems and blockchains.
What about malware injection into blockchain? Has that happened yet?
George Waller: We have not physically seen this happen, we have read many articles about how it could AND will happen. With that in mind, since we sit in front of your blockchain we are adding a content filter which will look for unwanted malware injections.
Could your tech have prevented some of the big exchange hacks?
George Waller: We believe so, from what we have read about a lot of these breaches, our keystroke encryption and strong multi-factor out-of-band authentication would have prevented the hackers from breaching these exchanges. Both, our Out-of-Band Authentication platform is available today as a stand alone product, as is.
Our keystroke encryption and strong multi-factor out-of-band authentication would have prevented the hackers from breaching these exchanges.
You are predicting a huge market in a few years, correct?
George Waller: Yes, we are.
There are about 24 million wallet users today and that’s expected to grow to over 200 million by 2025, we feel that every user should be protecting their wallet with our software, especially since there is no one to turn to if your coins are stolen.
Private (permissioned) blockchains are growing at a staggering rate. According to WinterGreen Research, the market for software, services and hardware to secure blockchain activity should grow to $355 billion as the digital economy moves to cybercurrency, while banks and the financial community totally restructure. It was $259 million in 2017.