As financial firms face an endless and unrelenting array of digital theft and fraud, they are increasingly leaning on a security approach based on confidential computing. This concept has gained a lot of momentum very quickly across the industry.
How to leverage sensitive data with Confidential Computing
Confidential Computing focuses on securing data while it’s being processed, by using secure hardware-enabled enclaves. The data and code are then securely stored inside the enclave, protecting them from any unauthorized access – either from system administrators, hosts of the operating system, other tenants or the owner of the infrastructure itself. The enclaves are kept separate from other applications and services running on the same system, making sure that the attack surface is kept to a minimum. In today’s world, where businesses are thinking “cloud-first”, this technology is of great importance. Any workloads that were previously not considered to be uploaded to the cloud, because of security and compliance concerns, can now take advantage of these services.
That’s appealing for enterprises that must manage large amounts of sensitive data that are frequently in use and rapidly moving among multiple locations: on-premises and in the cloud. Consequently, banks and other financial organizations can greatly benefit from Confidential Computing technology.
Let’s talk examples
Confidential machine learning
Using Confidential Computing and combined with machine learning, banks and financial institutions can now collaborate to achieve better overall results. For instance, two financial institutions can work on generating credit qualifications for customers by using CC techniques. They can combine their two separate datasets into one within a secure enclave. They could share the credit history of their customer to track and assess their credit score. Once the data is in this privacy box, no unauthorized access is possible. But AI applications and algorithms can still access this new combined dataset. Based on this, they track and assess the transactional data and generate new conclusions. This will benefit both institutions with improved outcomes. And this all while remaining owners of the privacy of their sensitive data.
Fighting money laundering
Confidential computing security is also effective when it comes to efforts against money laundering.
This approach would be based on an AI-based money framework, utilizing federated learning. It involves different companies that work collaboratively to obtain a shared prediction model. Federated learning allows the data to be kept in local environments, such as banks’ internal systems. They upload data to a centralized node where AI algorithms provide risk assessments, allowing banks and other financial institutions to spot potential risk candidates. Furthermore, banks could share and use each other’s transaction data to build predictive models and create an anti-money laundering system. They can do all of this without exposing sensitive data to their competitors.
“They can use confidential computing to make sure that the right programs are operating on the right data and that data can stay where it resides in the bank as opposed to being shared across industry boundaries.”, said Michael Reed, Intel’s director of confidential computing in an interview.
But these are not the only applications for the technology in the financial sector.
Other examples include:
- Detect fraud and digital theft
- market-rate calculations
- accessing financial products more quickly
- analyse loan applications
With such applications, Confidential Computing has the potential to radically change the way that the financial sector assesses and shares sensitive data about customers. With end to end encryption and confidentiality, banks can leverage customers’ data to build and improve services, while helping them meet their compliance obligations.