In a landscape increasingly dominated by technology, safeguarding digital assets is paramount. The Bank for International Settlements (BIS) has launched an initiative named ‘Project Polaris’ that explores and establishes methodologies for shielding retail Central Bank Digital Currency (CBDC) operations against rapidly evolving cyber threats.
CBDC Systems: The Two-Tier Model
In the wake of the Bangladesh Bank hacking episode and the proliferation of cyberattacks on decentralized finance platforms in 2022, the BIS has stressed the need to fortify the infrastructure on which banks plan to issue CBDCs. Malicious actors could destabilize economies, erode the central bank’s credibility, and significantly disrupt retail CBDC operations if a robust cybersecurity infrastructure does not underpin them.
The BIS’s envisioned approach is based on a two-tier CBDC system in which the central bank keeps a record of each participant’s balance, while commercial banks handle the retail functions and enforce anti-money-laundering measures.
Project Polaris promotes resilience through a comprehensive framework that pushes banks to evaluate their fundamental operations, from governance structures to business continuity plans and data protection strategies.
It also calls for stronger software security testing through DevSecOps, an approach that builds security checks into the rapid software delivery cycle rather than adding them at the end, and for the adoption of zero-trust technologies, among other crucial considerations.
Risk Assessment and Proactive Measures for CBDCs
Banks are called upon to evaluate potential threats to core CBDC operations and to understand the responsibilities shared by all parties involved. Safeguarding retail endpoints and protecting user data with established protocols is necessary to avert data breaches. Banks must also form dedicated emergency response teams and ensure the CBDC system can scale, so that a surge in traffic or a denial-of-service attack does not take it down.
In addition, banks must adopt a culture of sharing cyber threat intelligence, define a baseline for normal transactional activity so that deviations from it stand out, and conduct regular security audits.
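One concrete form the “baseline for normal transactional activity” can take, as an added example that is not code from the BIS handbook or from any bank’s system: a per-account profile of typical amounts, counterparties and active hours is learned from historical log lines, and each new transaction is scored against it. The log format, the field names (`acct`, `amount`, `dest`), the thresholds and every log line below are constructed assumptions for illustration.

```python
"""Per-account baseline of normal transaction activity, with anomaly scoring.

Added example; not code from the BIS Polaris handbook or any bank's system.
The log format, field names, thresholds and every log line below are
constructed assumptions chosen to illustrate the technique.
"""
import re
import statistics
from collections import defaultdict
from datetime import datetime, timezone

# Assumed log format: "<ISO-8601 UTC timestamp> acct=<id> amount=<decimal> dest=<counterparty>"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) acct=(?P<acct>\S+) "
    r"amount=(?P<amount>\d+(?:\.\d+)?) dest=(?P<dest>\S+)$"
)

# Constructed 30-day history for two accounts (deterministic, so the learned
# baseline is reproducible): A101 pays one of two merchants each day between
# 08:00 and 10:00 for 40-52 units; B202 pays RENTCO around midday.
HISTORY = []
for day in range(1, 31):
    HISTORY.append(
        f"2023-06-{day:02d}T{8 + day % 3:02d}:15:00Z acct=A101 "
        f"amount={40 + (day % 7) * 2:.2f} dest={'GROCER1' if day % 2 else 'CAFE7'}"
    )
    HISTORY.append(
        f"2023-06-{day:02d}T12:05:00Z acct=B202 amount={300 + (day % 4) * 5:.2f} dest=RENTCO"
    )


def parse_line(line):
    """Parse one log line into a record; reject anything off-format."""
    m = LINE_RE.match(line.strip())
    if m is None:
        raise ValueError(f"unparseable log line: {line!r}")
    ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return {"ts": ts, "acct": m["acct"], "amount": float(m["amount"]), "dest": m["dest"]}


def build_baseline(lines):
    """Learn, per account: robust amount statistics (median and MAD, which a
    few large outliers in the history cannot drag around the way mean and
    standard deviation can), the counterparties seen, and the hours seen."""
    amounts, dests, hours = defaultdict(list), defaultdict(set), defaultdict(set)
    for rec in map(parse_line, lines):
        amounts[rec["acct"]].append(rec["amount"])
        dests[rec["acct"]].add(rec["dest"])
        hours[rec["acct"]].add(rec["ts"].hour)
    baseline = {}
    for acct, vals in amounts.items():
        med = statistics.median(vals)
        mad = statistics.median([abs(v - med) for v in vals])
        baseline[acct] = {"n": len(vals), "median": med, "mad": mad,
                          "dests": dests[acct], "hours": hours[acct]}
    return baseline


def score_transaction(baseline, line, z_threshold=3.5, min_history=10):
    """Return the reasons a new transaction departs from its account's baseline
    (an empty list means it looks routine). Thresholds are assumptions; 3.5 is
    the conventional cut-off for the modified z-score."""
    rec = parse_line(line)
    prof = baseline.get(rec["acct"])
    if prof is None or prof["n"] < min_history:
        # Too little history to judge: surface that rather than silently passing.
        return ["no_baseline"]
    reasons = []
    if prof["mad"] == 0:
        # Perfectly constant history: any change in amount is worth a look.
        if rec["amount"] != prof["median"]:
            reasons.append("amount_deviates_from_constant_history")
    else:
        z = 0.6745 * (rec["amount"] - prof["median"]) / prof["mad"]  # modified z-score
        if abs(z) > z_threshold:
            reasons.append(f"amount_outlier(z={z:.1f})")
    if rec["dest"] not in prof["dests"]:
        reasons.append(f"new_counterparty({rec['dest']})")
    if rec["ts"].hour not in prof["hours"]:
        reasons.append(f"unusual_hour({rec['ts'].hour:02d}Z)")
    return reasons


if __name__ == "__main__":
    base = build_baseline(HISTORY)
    for new in [
        "2023-07-01T09:20:00Z acct=A101 amount=46.00 dest=GROCER1",      # routine
        "2023-07-01T03:12:00Z acct=A101 amount=5000.00 dest=NEWSHOP99",  # three deviations
        "2023-07-01T09:20:00Z acct=Z999 amount=1.00 dest=GROCER1",       # unknown account
    ]:
        print(new, "->", score_transaction(base, new) or "routine")
```

The point of the median/MAD choice is that a baseline built with mean and standard deviation is itself easy to poison: a handful of large transactions slipped into the history window would widen the tolerance enough to hide later fraud, whereas the median and MAD barely move. An account with too little history gets an explicit `no_baseline` result rather than a silent pass, which is the case a production rule set most often forgets.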
Evolving Retail Payments and Data Privacy
Until now, major economies and their banks have largely focused on testing interbank settlement rather than retail payments with CBDCs. The shift toward retail has raised questions about whether banks would be prepared to give up elements of their data privacy policies.
The United Kingdom’s Project Rosalind stands out as it recently trialed retail peer-to-peer payments, demonstrating a proactive approach.
At the same time, European Union citizens have expressed apprehension about the transparency a digital euro might bring to their transactions, and the prevailing public view is that the project is a potentially unnecessary solution.
Earlier this year, the UK experimented with a Real-Time Gross Settlement (RTGS) system to expedite the settlement of bank transactions. Meanwhile, FedNow, a parallel project targeting US banks, has enrolled 57 trial participants and is slated to launch later this month.