An Inside Look Into the Surprisingly Friendly Rivalry Between Ledger and Trezor

An Inside Look Into the Surprisingly Friendly Rivalry Between Ledger and Trezor

The Ledger vs. Trezor beef has a long history, but Ledger’s CTO efforts may have fanned the flames as he reported vulnerabilities his team discovered in its competitor.

[ihc-hide-content ihc_mb_type=“show“ ihc_mb_who=“reg“ ihc_mb_template=“1″ ]

Trezor and Ledger, two of the most prominent hardware wallet manufacturers, have long been locked in a rivalry.

As part of Cointelegraph’s interview with Charles Guillemet, the CTO of Ledger, he revealed that the relationship is more complex than it may seem at first. Despite the rhetoric, cooperation and respect can be found as well.

A collaborative rivalry

Guillemet said that he doesn’t know who started the rivalry, as it goes back to the “very beginning of the Ledger and Trezor companies.”

“I think things got more serious when I created the Donjon, which is our internal security team,” he conceded. The Donjon was one of the first innovations introduced by Guillemet when he joined Ledger, due to his belief that the only way to design a secure system is to “try to break it, again and again.”

While the Donjon focused on Ledger wallets, they also began looking at competitors’ products. “At the beginning that was mostly by curiosity. We just wanted to understand how they work,” he said.

That study resulted in the team finding vulnerabilities in “each single wallet that we looked at.” Guillemet noted:

“When you find a vulnerability, the right thing to do is to report it to the vendor. And that’s what we did.”

The vendors then fixed the vulnerabilities, even giving bounties to Ledger some of the time. Regarding Trezor, he mentioned a “battle of PR” between the companies, adding:

“At the end, one thing which is completely true, is that the wallet security of Trezor improved a lot thanks to us.”

While Guillemet did not remember the exact number of vulnerabilities reported to Trezor, he said they were about “six or seven.” All of them were patched except one, which was unfixable due to the fundamental design of Trezor’s chips.

Due to this, the Ledger team did not disclose its details, though they were independently reported a year later by Kraken’s security team.

Open source vs. security

The reason why the bug is unfixable is that Trezor uses a so-called MCU chip in its wallet, which is used in common household appliances and was not meant for secure data storage, Guillemet explained. When asked why, he said that this was a conscious design choice:

“They are of strong belief in open source philosophy, and when you use the Secure Element, you have to sign an NDA with the chip manufacturer, which prevents you from giving any information on what’s going on inside the chip.”

The Secure Element used by Ledger contains many countermeasures, which an open source firmware would likely reveal. According to Guillemet, secure elements are unacceptable to Trezor as they want to maintain their software completely open.

Guillemet said that open source software is “a very good thing” and noted that he personally contributed to some projects. “But when you design a security device, I think security is the most important thing.”

While he conceded that open source software could be a security benefit due to the additional scrutiny, this is not enough:

“As it prevents you from using a dedicated Secure Element, at the end you end up with a less secure device.”

Guillemet shared that he has a “good relationship personally with people at Trezor,” referring to them as “very interesting guys” — even if the two teams’ philosophies are different.

Zur Quelle

The Ledger vs. Trezor beef has a long history, but Ledger’s CTO efforts may have fanned the flames as he reported vulnerabilities his team discovered in its competitor.

Friendly Fraud and the Failure of Chargeback Protections

Friendly Fraud and the Failure of Chargeback Protections

Cryptocurrency payments provides solutions for financial information to be more transparent and secure

[ihc-hide-content ihc_mb_type=“show“ ihc_mb_who=“reg“ ihc_mb_template=“1″ ]

Chargebacks were originally designed to protect consumers. Today, it’s ironic that merchants often need protection against this very system put in place to protect consumers. A chargeback is the return of funds to the consumer, by the bank, to settle a debt. In the event of a filed chargeback, the bank then forcibly removes funds from the merchant’s bank account to “repay” the consumer.  

Chargebacks have long been a hindrance to e-commerce companies, sparking a rise in fraudulent behavior among consumers who attempt to defraud a company for their own monetary gain. While the payments sector grapples with bad actors, innocent consumers often get caught in the crossfire. 

Friendly fraud — also known as chargeback fraud — occurs when a customer files a chargeback instead of attempting to obtain a refund from the merchant. In some cases, such as when the goods were not received or not as described, the request for a refund is genuine. The very same cases may drive buyers to take shortcuts in their desire to avoid the archaic, tedious processes often associated with recourse. As friendly and malicious fraudsters adopt the same methods of getting a refund, attempting to distinguish between them is futile. 

Defining friendly fraud 

Friendly fraud is an honest mistake by a consumer, most commonly involving genuine forgetfulness or unknown purchases by family members. On the other hand, the desire to steal from the merchant fuels chargeback fraud with malicious intent. 

Chargebacks were introduced to protect consumers who operate in good faith. In the event that a scammy merchant has successfully convinced a buyer into paying for goods or services, chargebacks ensure that the buyer is not out of pocket should the goods arrive faulty, are counterfeit, or do not arrive at all, as is sometimes the case.

Eventually, this trust in customers was abused, and fraudsters found that they could fool the bank into issuing a chargeback on the basis that they didn’t receive goods or their card was used by someone else. In this case, the buyer receives money from the bank (which then charges the merchant) and keeps the goods. 

Financial identification: discretion and security

Chargebacks were introduced when e-commerce was an undeveloped concept. Purchases were made in traditional brick-and-mortar stores and credit cards were kept in physical purses and wallets. Unfortunately, what was once an industry that thrived off good faith now fosters fraudulent activity. Credit card information stored on numerous online accounts, apps and devices only heightens the potential for merchants to scam buyers.

The Truth in Lending Act, the foundation of the chargeback, was drafted back in the 1960s. Consider how commerce and consumer habits have been revolutionized in the last decade, not to mention the last six decades. This archaic act has failed to stymie chargeback fraud, thus proving that outdated regulation cannot be effective when the entire shopping landscape itself has changed. However, it’s not solely the legal regulations that have become outdated. 

The core issue: outdated payments systems 

Banks and outdated payments systems are the problem. In theory, the issuer of the chargeback thoroughly investigates every claim a cardholder files. In reality, banks are being overtaxed by the rapid rise in overall chargebacks, lacking resources such as time, money and modern verification systems to meet the influx of claims. This squeeze on the issuer means claims are not sufficiently reviewed and little evidence is required to submit the chargeback to a merchant’s bank. This inability to verify the legitimacy of each chargeback creates a twofold problem: While merchants are getting hit with more unnecessary fees and damage to their credibility, banks are essentially showing consumers that filing a chargeback has no repercussions. 

The issue at the root of the chargeback predicament is that people still have to expose their financial information to pay for goods and services online. This giant loophole creates more opportunities to commit fraud.

What is being done?

It’s evident that both parties need to be protected. Online payment system companies such as PayPal and Stripe have endeavored to make e-commerce safer for everyone involved. Stripe even introduced a chargeback protection service in June 2019, promising to “reimburse the disputed amount and waive dispute fees.” This benefits both the consumer and the merchant. The consumer gets their payment, and in the merchant’s case, the service especially useful in trying to stabilize cash flow. Having money removed from an account before the opportunity to dispute the fraud makes it impossible to obtain smooth cash flow. 

Technically, merchants have the right to challenge chargeback claims, however, disputing a chargeback is a complicated and time-intensive process, and the odds of a merchant succeeding in getting a chargeback reversed are very low. With the damage already done and regardless of whether the case was friendly fraud or chargeback fraud, in the eyes of the bank, the merchant is guilty until proven innocent. 

The merchant must shoulder the burden of validating the original transaction, and what’s more, there is nothing merchants can do to stop bad-acting cardholders from repeating this behavior. As financial information has been disclosed, scammers can easily hack into these centralized databases and access someone else’s card details. The exposure of this information and the storing of financial details makes it too easy to keep conning buyers. Significant security breaches have occurred time and time again — the Marriott hotel’s breach, in which hackers gained access to the personal information of an estimated 500 million customers, is just one of the scariest in recent years. 

However, a potential alternative solution does exist. With cryptocurrency payments, financial information is secure, meaning there is no risk of the buyer being frauded via identity theft, for example. The inherent immutability of blockchain technology means transactions are final for the merchant, eliminating chargeback fraud. Furthermore, the ability to instantly record information could spell the end of fraud by improving security, making hacking and faking almost impossible. The opportunity to record information on a tamper-proof ledger could eradicate issues that have burdened merchants and customers alike for years. 

There is a catch, however — neither the bank, the merchant nor the buyer can solely remedy the issue on their own. Creating an entirely new landscape for payments based on security that does not require chargebacks is the next step toward fostering mutual trust across a fragmented industry. 

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Filipe Castro holds an MBA, an MEng and a love for disruptive technologies. His experience lies in the development of software solutions, including electronic payment systems, business development and strategic development. He is inherently internationally-minded, having moved from corporate to small ventures in Scandinavia, complemented with his MBA awarded in China, Mr. Castro is now based in Switzerland as chief information officer for Utrust.

Zur Quelle

Cryptocurrency payments provides solutions for financial information to be more transparent and secure

Israel: A Friendly Blockchain Hub, but Is Government Policy Lacking?

Israel: A Friendly Blockchain Hub, but Is Government Policy Lacking?

Learn more about Israel’s regulatory landscape, and how it’s affecting the blockchain industry’s expansion in the country

[ihc-hide-content ihc_mb_type=“show“ ihc_mb_who=“reg“ ihc_mb_template=“1″ ]

It has been almost a decade since Dan Senor and Saul Singer penned “Start-Up Nation,” their ode to the Israeli tech sector. The book, which chronicles much of Israel’s success as a small but potent innovation force that spans countless industries, highlights the immense technological knowhow and seemingly fearless energy that supports the country’s thriving startup culture. Nearly a decade later, Israel has not missed a beat in terms of capitalizing on the biggest trends in technology

From cybersecurity to artificial intelligence and machine learning, Israel’s legion of innovators is tackling problematic areas felt in numerous sectors with its own brand of expertise, helping this geographical blip build a global footprint. Blockchain and distributed ledger technology (DLT) perfectly align with these ambitions, helping Israel emerge as one of the leading launchpads for the industry. While Bitcoin’s (BTC) price has risen and fallen over the years, one constant has been the upward growth trajectory of worldwide as well as Israeli blockchain initiatives.

Leveraging blockchain’s beneficial attributes

While the 2018 rout in crypto prices and the crumbling initial coin offering, or ICO, market certainly affected the momentum of blockchain in Israel, the industry has shown no signs of slowing in the time since. While difficult to pin down exact statistics regarding how many companies are currently operational in the space, estimates from 2018 compiled by the Israel Blockchain Association put the figure at over 200 companies. 

Though some have come and gone in the time since, the firms are keenly focused on developing and expanding upon blockchain’s multifaceted potential in areas like fintech and cybersecurity. According to a statement to Cointelegraph from Avishay Ovadia, principal at Collider Ventures, the technology can be leveraged extensively:

“A major part of why Israel has been known as the startup nation is because of our cyber and fintech technologies, which are also connected to our army intelligence service. In a way, I think that Blockchain and crypto are weaved technologies with fintech and cyber. Their core is to protect value, prevent attacks, and deliver a better financial system.”

Most importantly, the supportive environment for the startup economy is also helping the industry realize its ambitions. This welcoming platform has attracted the interest of many noteworthy projects and ambitious initiatives, including Libracamp’s virtual bootcamp for Libra developers.

Granted, the Libra project faces many hurdles, especially winning over the hearts and minds of governments across the globe. However, Libracamp remains undaunted by the politics and instead is forging ahead with leveraging the Libra testnet. 

Related: How Facebook Libra Has Been Influencing Crypto, Politics and Finance

Another noteworthy project is INX Crypto and Derivatives, which is planning an initial public offering-like crowdfunding round for its trading platform in the United States. The company plans to raise $130 million by selling INX tokens, marking the first time a blockchain company has filed with the U.S. Securities and Exchange Commission (SEC) to launch a compliant security token sale. 

In addition to high-profile projects, a component of Israel’s advances in the blockchain arena is support from the government itself, vis-à-vis regulation and legal judgments. Regulators and local authorities have made noteworthy attempts to stay in front of the industry, albeit with mixed results.

Back in May, the court system affirmed the Israel Tax Authority’s classification of Bitcoin as an asset rather than a currency, clarifying its taxable status. However, there are many who believe this ruling could be subject to change, especially as Bitcoin’s use in everyday transactions gains momentum to the point at which it is just as fungible as ordinary currency.

Still, despite the progress in this area and even regulatory support from the Israel Securities Authority for a local security token issuance platform, the absence of a more proactive government approach to cryptocurrency and blockchain is causing headaches among the entrepreneurial community. Addressing the government’s role in the industry, Israel Bitcoin Association Chairman Meni Rosenfeld noted in a conversation with Cointelegraph: 

“It seems that they are trying to help, but not very successfully. Positive encouragement activities are few, and heavy slow-moving regulation is a hindrance.”

Blockchain growth no match for government bureaucracy

Despite Israel being a promising destination for crypto capital, bureaucracy remains a major impediment stymieing businesses and investors alike. Although it has a friendly face, the country makes it difficult to open new businesses, even for entrepreneurs in the tech sector. Layers of bureaucracy, complicated taxation and more make Israel one of the least friendly places to do business. Ari Achiaz, the managing director of the Hogeg Blockchain Research Institute at Tel Aviv University, believes that: 

“Anyone that has undergone the bureaucracy channels in Israel knows that there is plentiful waste of time and money. Therefore, blockchain technology can potentially reshape the services civilians and businesses receive in Israel. However, I expect strong headwinds from powerful workers’ unions in Israel that view any small change as a threat, not to mention a technology that could make things substantially more efficient. Sadly, bureaucracy will probably be the last adopter of this technology.”

According to the Doing Business 2019 report compiled by the World Bank, Israel ranks 49th out of 190 on the ease of doing business index. However, its overall score belies certain areas of difficulty for businesses like paying taxes, with Israel’s rank being 90th out of 190. Another area is enforcing contracts, for which Israel again ranks 90th.

Due to its cold relations with neighboring countries, one could assume the Israeli government would readily and eagerly facilitate the export economy and trade, but that is not the case. In this vital area, Israel ranks 64th on the list. 

For blockchain and DLT, these high hurdles raise the cost of doing business and make it very difficult to remain compliant in the eyes of the law, so much so that many companies build businesses offshore to overcome these significant challenges. Other countries, like Estonia, which have made opening a licensed and complaint blockchain-based business much more affordable, are attracting Israeli companies in droves. Although very supportive of the industry and its momentum, Rosenfeld observed that: 

“I don’t think blockchains can streamline bureaucracy in the government, at least not without a fundamental change in what ‘government’ means which is decades away. What it can do is facilitate innovation by allowing more ways to bypass government bureaucracy and challenging it to adapt more quickly to the new era.”

Though the same report cited Israel for progress in the areas of information transparency and administrative efficiency during 2017 and 2018, the difficult regulatory environment for the country’s budding fintech and blockchain operations is anything but efficient or transparent.

The fact that a special fast-track initiative is being undertaken by the government to clear a backlog of more than 2,000 applications highlights just one tangible problem the industry faces. Meanwhile, for cryptocurrency investors, the local regulatory climate is even more complicated — at the very least, for those 70,000 Israelis that must navigate taxes owed on cryptocurrency investments. 

With no banks accepting funds that originated from cryptocurrency, many of these investors cannot use crypto gains or even move their fiat funds from exchanges to bank accounts to pay their taxes. Further complicating the situation is the fact that no local banks will facilitate the accompanying fiat transactions. The Israel Bitcoin Association is petitioning the court to have the Bank of Israel disclose its reasons for refusing transactions, but this is likely to be a drawn-out battle for transparency.

These complications are not solely borne by investors, but also the businesses operating in the ecosystem. Enterprises that need to move funds or access working capital are categorically denied entry to the local banking system and a gateway to ordinary financial channels.

While this is not the defining factor for Israeli startups engaging in more traditional equity fundraising, it makes a compelling argument for offshoring companies instead of keeping them onshore amid the confluence of regulatory uncertainty and lack of open financial channels. Guy Armoni, the current strategy manager at cryptocurrency tax consultancy Bittax, opined in a conversation with Cointelegraph:

“Banks today face many challenges with digital currencies being just one of them. To some extent, bitcoin has managed to challenge traditional banking as we know it, but I do not think that this is the only reason why banks are blocking the gateways to companies and individuals engaged in the blockchain ecosystem. Regulatory uncertainty can expose banks to risks that they do not yet have the tools to assess or deal with. I believe that private companies will overcome the difficulties and come up with solutions that will allow bridging between the various parties. In any case, the rigidity of the banking system is a reminder of the power of the Banking Monopoly that can afford to put itself ahead of its customers.”

More hope than hinderance

Necessity is the mother of all invention, and no other country adequately captures the essence of that phrase quite like Israel. Whether faced by political, economic or geographical restrictions, Israeli entrepreneurs seem to constantly overcome the odds when it comes to innovation. 

This ethos also extends to blockchain and its associated businesses, in which Israel remains one of the pioneering forces driving the industry momentum. Assuredly, there are challenges associated with working in the local ecosystem. Ovadia concluded:

“I think that in terms of decentralized innovation, Israel is losing amazing entrepreneurs every day, but on the other hand, because Israel is a very small market, on day one, startups know to look towards the US, European, and Asian markets, so Israeli innovation will be available abroad but maybe not embedded here.”

Yet, there is no denying the promising projects within its borders and the expert human capital that is dedicated to making blockchain more accessible and to pushing widespread adoption.

Zur Quelle

Learn more about Israel’s regulatory landscape, and how it’s affecting the blockchain industry’s expansion in the country

Crypto Friendly Regulation can Help UK Brexit, Says $10 Billion Advisory Giant

Crypto Friendly Regulation can Help UK Brexit, Says $10 Billion Advisory Giant

Britain should not miss the chance to get ahead of E.U. on crypto after Brexit, says deVere

[ihc-hide-content ihc_mb_type=“show“ ihc_mb_who=“reg“ ihc_mb_template=“1″ ]

The CEO of financial advisory giant deVere Group said positive cryptocurrency regulation should form a central part of the post-Brexit United Kingdom. Nigel Green made the comments in an interview with fintech news outlet Verdict on July 9.

DeVere, which has around $10 billion of assets under advice, is concerned the U.K. will end up in recession in the event of a no-deal Brexit, which politicians have promised could happen as soon as October. 

“The growing cryptocurrency market has already provided tangible economic benefits to other major economies,” Green said. 

“Post-Brexit Britain will be uniquely placed to go even further and by embracing it, it could reboot the UK’s financial services sector.”

As Cointelegraph reported, the U.K. has so far failed to provide a comprehensive regulatory roadmap for cryptocurrency, instead favoring a bearish approach which has even included ideas such as banning crypto derivatives.

The uncertainty has failed to quel business enthusiasm, however, with a London-based firm launching the world’s first bitcoin-only bond this month. 

At the same time, data reveals local consumers are increasingly embracing bitcoin (BTC) and other tokens in the absence of the kind of patchwork legal situation in place in the U.S.

For Green, an exit for the European Union would additionally aid London to preserve its financial hub status, freeing it from bureaucracy and leaving lawmakers free to adopt a pro-crypto approach similar to Switzerland and Japan

“Cryptocurrencies – which are digital, global and borderless – are unquestionably the future of money. This is noted by the growing amount of retail and institutional investment into the burgeoning sector,” he continued.

“Whilst other jurisdictions focus on the current, the UK should set its sights on the future to be ahead of the game.”

Bitcoin in fact appeared to profit from Brexit uncertainty earlier this year, gaining ground as mixed messages began coming from Westminster.

Zur Quelle

Britain should not miss the chance to get ahead of E.U. on crypto after Brexit, says deVere