Suppose someone wants to transfer funds to their client with an account opened in any bank, in any country or state. The usual procedure is that the payee (beneficiary customer) sends the payment instruction to the payer (ordering customer) with the beneficiary's full name (or company name), account number, IBAN and other information necessary to have the transaction completed.
The question is, how can the payer verify the authenticity of the information contained in the payment instruction provided by the beneficiary customer?
Who is to guarantee that the beneficiary didn't provide his private account number instead of the business one, or that he didn't change his name or the name of his company with the intention of manipulating cash flows?
This information cannot be confirmed by the payer's bank, because the payer's bank doesn't have that information. It can only be confirmed by the beneficiary's bank, but they will not provide any of their client's details at your request.
On the other hand, forcing the sender to verify the authenticity of the data by himself every time he initiates a transaction, sooner or later, will result in the imposition of serious errors in the money transfer process that can no longer be corrected.
What should we do in case we face this situation?
#Lay the foundations of a foolproof security system
The payer must be able to authenticate the legitimacy and validity of the information received before executing the transaction.
The payment instruction data must be preserved (as originally certified by the payee's bank) and must not be subsequently changed, lost, damaged or misused.
We need a fintech solution that guarantees the establishment of a foolproof banking security system and mutual trust between senders and receivers of payments, as well as between clients and banks, thereby reducing the number of errors in the transfer of funds.
This can be achieved by combining two innovative approaches that dive deep into blockchain technology.
One is Digital Chip Card Technology ("DCCT") and the other is Digital Telegram Service ("DTS").
There is a possibility of their wide exploitation in transaction banking and related services such as H2H (Host-to-Host), SWIFT, cash management and trade finance.
#What is digital chip card technology ("DCCT")?
A digital chip card is a digital asset that contains textual data (metadata) and other data and files of any kind that are permanently embedded into it.
The processing and memory units are integrated into a digital chip stored in the asset they form an integral part of.
Digital chip card technology ("DCCT") is a solution for secure storage and wireless sharing of sensitive data using a digital chip card as a medium.
This technology enables computers, tablets, smartwatches and smartphones that are close to each other to communicate using sound or QR code as the carrier of information that underlies the transmission process.
#What is a blockchain?
Blockchain is a decentralized database that is shared and synchronized amongst nodes of a computer network and operates without the need for central authority.
Instead of being locked within a single database, as is the case with centralized systems, files and information are diversified across the blockchain and made available to as many computers connected to a common peer-to-peer network as needed.
The blockchain ensures that the data stored in there is virtually immutable and properly verified. Once recorded, the data can no longer be altered or deleted.
#What is Digital Telegram Service ("DTS")?
Digital telegram service ("DTS") is a blockchain-based system for the exchange of electronic messages in the form of digital telegrams.
The data storage technology used to manage digital telegrams is identical to that of DCCT, except that DTS is primarily used to share text messages, files, and information delivered by the messenger directly to the recipient via the Internet.
Digital chip card technology ("DCCT") and digital telegram service ("DTS") are intended to provide reliable and secure channels for the transmission of financial information and to prevent its alteration, loss, damage or misuse along the way.
And that is exactly the solution we've been looking for and which we will now explain in more detail.
#Secure data transfer and storage within a digital chip card
When opening a bank account, the user is assigned a personal digital chip card associated with that bank account. In addition to the so-called "security tags", which contain the hash code, IP address, digital signature, public key and timestamp, the digital chip card contains the following information:
whether the account holder is a natural or legal person;
account holder's full name;
account holder's address;
account holder's account number/IBAN;
the name of the account holder's bank;
the address of the account holder's bank.
The bank will verify the authenticity of the input data and return the generated digital chip card to its creator (account owner). The creator will download the file, or will receive an e-mail from the bank with the attached file, or will receive a message through the appropriate online service that the bank uses to communicate with its clients.
The digital chip card is permanently stored on the remote database server, in the user's bank database and on the user's device which it was downloaded to. There is also generated a unique XML file in the [HASH].xml format, where the "hash" matches the hash code contained in the digital chip card as part of the security tag data set.
This XML file is an important component of the blockchain and an indispensable part of the banking transaction approval process.
#A series of steps to take when sending money using DCCT and DTS
With the help of DCCT and DTS technologies, the procedure for sending money from one point to another, either within the same bank or between two different banks from different countries, is as follows:
The payer will ask the beneficiary to send him the digital chip card, which the beneficiary had created upon opening his bank account; the beneficiary can deliver the digital chip card to the payer via a contactless transfer between two desktop or mobile devices, via e-mail, or via one of the messaging apps (Viber, Whatsapp, etc.);
Meanwhile, the payer will prepare his own digital chip card to use;
After receiving the digital chip card provided by the beneficiary, the payer will open the web app for scanning digital chip cards in a web browser on his computer, smartphone or tablet;
The reader is powered by a cloud-based app that manages processes out of anyone's reach and without the possibility of manipulation; it first reads the digital chip card with the payer's data and if the file is technically correct, the content is displayed on the screen and the payer proceeds to the next step;
The reader then reads the digital chip card with the beneficiary's data; if the file is technically correct, the content is displayed on the screen; the payer carefully checks the content and compares it with what he expects to receive from the beneficiary; if the payer suspects something is wrong, he will withdraw from the transaction; if everything looks fine, he will move on to the next step;
In the blank fields on the screen, the payer will enter the amount of money he wants to send, the purpose (description) of payment, the currency code and the SWIFT code (refers to overseas payments) and some other data related to whether the payment coverage is in foreign currency or in domestic currency, who is responsible for fees/charges of the banks engaged in the transfer of the payment (refers to overseas payments) etc.;
Finally, all data is merged and stored in a new, mathematically generated and disposable digital chip card; in addition to security tags (consisting of a hash code, IP address, digital signature, public key and timestamp), this file contains the following information:
hash code of the payer (extracted directly from the payer's digital chip card);
whether the payer is a natural or legal person;
full name (or company name) of the payer;
address of the payer;
account number of the payer;
name of the payer's bank;
address of the payer's bank;
amount of payment;
purpose of payment;
SWIFT code (optional, for cross-border payments only);
currency code (optional, for cross-border payments only);
payment coverage (optional, for cross-border payments only);
responsibility for fees/charges (optional, for cross-border payments only);
some other data related to the transaction, if needed...
hash code of the payee (extracted directly from the payee's digital chip card);
whether the payee is a natural or legal person;
full name (or company name) of the payee;
address of the payee;
account number of the payee;
name of the payee's bank;
address of the payee's bank.
The payer can now initiate the transaction and download the transactional digital telegram generated on the remote database server after the transaction has been initiated.
The transactional digital telegram is sent to the payer's bank to verify the payer's data, and then forwarded to the payee's bank to verify the payee's data.
Depending on the results of the verification, the transaction will be either executed or rejected.
The transaction digital telegram will be stored on the device of the user who initiated the transaction and in the databases of the payer's bank and the recipient's bank as well.
The digital telegram is only temporarily rendered on the remote database server and will be automatically deleted when the user downloads it, leaving no possibility for the file to be misused after the transaction is completed.
#Data verification and realization
As mentioned in the previous chapter, the generated transactional digital telegram is first sent to the payer's bank to verify the payer's data, and then forwarded to the payee's bank to verify the payee's data.
Finally, the transaction is either approved or rejected.
Here are more details on how it actually works:
The payer's bank checks the security tags from the transactional digital telegram, extracts the hash code related to the payer, finds the appropriate [HASH].xml in the bank's database and compares the content of the XML file with the content built into the transactional digital telegram;
If everything looks fine, the payer's bank forwards the transactional digital telegram to the payee's bank for further verification;
The payee's bank checks the security tags from the transactional digital telegram, extracts the hash code related to the payee, finds the appropriate [HASH].xml in the bank's database and compares the content of the XML file with the content built into the transactional digital telegram;
If everything looks fine, the payee's bank approves the transaction; if an error is found, the transaction is rejected; in both cases, the payee's bank notifies the payer's bank of the outcome, and the payer's bank notifies the payer himself.
The information contained in the digital chip card and in the transactional digital telegram is considered 100% accurate and verified as guaranteed by the account holders and the banks themselves.
This is what makes the process of transferring funds using DCCT, DTS and blockchain technology uniquely credible, plausible and secure, as the possibility of data alteration, loss, damage or misuse is drastically reduced.
#Set out for the future of banking with DCCT, DTS and blockchain
#When opening a bank account, the user is assigned a personal digital chip card associated with that bank account.
At any time, the payer may initiate a transaction and retrieve a transactional digital telegram generated on the remote database server after the transaction has been initiated.
The transactional digital telegram is sent to the payer's bank to verify the payer's data, and then forwarded to the payee's bank to verify the payee's data.
Depending on the results of the verification, the transaction will be either executed or rejected.