Blockchain based Internet of Things (Debashis De, Siddhartha Bhattacharyya etc.)

192

N. Surekha et al.

research work suggested that permissioned blockchain can be used for customer pri-

vacy protection in the public “KYC Smart Contract” and private “KYC Admin Smart

Contract”. The former takes into account blockchain operations like CRUD (Create,

Read, Update and Delete) to approve participants/customers whereas the latter is

responsible for adding the KYC ﬁle to the repository, Inter Planetary File System.

The combination of public and private smart contracts provides both, free access

in the Public phase and enables restriction through encryption in the Private phase.

Public portion of the smart contract allows organizations and syndicates across the

globe to participate in a secure environment through permissioned blockchain with

customers worldwide. Following are the processes involved in creating an encrypted

KYC database through the implementation of Blockchain along with IoT.

1. Users/participants/customers across the globe can connect through IoT and

access KYC User Interface for user registration.

2. Once the registration is approved user can submit required documents which

will be processed in Decentralized IPFS (Inter Planetary File System).

3. Livelihood and survival mobility are oftentimes outcomes of uneven socioeco-

nomic development.

4. Once the documents meet the requirements, the evaluator will approve the user

for registration.

5. Dedicated KYC services process will be initiated through quorum permissioned

blockchain where two-step processes are embedded.

6. There will be an evaluator (external entity) to scrutinize the KYC document.

a. KYC Smart Contract (CRUD—Create, Read, Update and Delete operations

are available for the approved users).

b. KYCAdminSmartContract—Allthedetailsoftheapprovedusersarestored

with UID which can be accessed only with the private key to make it more

secure and immutable.

Point 1 to 6 explains the KYC process. Once this process is completed, the UID can

be referred to by the customer/user or any individual whenever the user approaches

any ﬁnancial institutions for any services worldwide. Following are the steps involved

in using the UID for further transitions.

1. The customer should share the public key with the banker with whom a ﬁnancial

transaction is initiated.

2. The banker will access the database using the public key and add an OTP to the

user’s public key.

3. The OTP will be shared by the banker to the customer through SMS.

4. The customer will use the OTP along with his private key to decrypt the personal

data and validate his/her identity using digital signature.

5. Validation by the customer through digital signature signiﬁes that the KYC

veriﬁcation process is successful.

6. There will be an evaluator (external entity) to scrutinize the KYC document.