Is Crypto the Future of Privacy?

By Collin Connors, ERMProtect IT Security Consultant

In today's digital age, it can often feel hard if not impossible to maintain your privacy. Everywhere we go in cyberspace we leave a digital footprint exposing ourselves to the world. Privacy enthusiasts have created technologies that allow us to mask our identities and hide our data from prying eyes. One such technology that has broken into the public’s eye is cryptocurrency.

A cryptocurrency, such as Bitcoin or Etherium, is a digital currency backed by a public, distributed, tamper-proof ledger called a blockchain. Fans of these cryptocurrencies often mention how the blockchain technology backing the cryptocurrencies gives users unprecedented privacy. A phrase you are likely to hear when talking to anyone who owns Bitcoin or any other cryptocurrency is “Bitcoin is anonymous.” We are left asking what does this mean?

In traditional banking, when I create an account at a bank they are required by KYC (Know Your Customer) laws to gather identifying information about me. Cryptocurrency, on the other hand, does not gather any KYC when you create a wallet (We can think of wallets in crypto as being analogous to bank accounts in traditional finance). This means anyone can create a crypto wallet and there will be no information tying it back to them. In theory, this is a great way to protect your identity, however, we quickly see the flaws of this method in practice.

The biggest issue with crypto and privacy is that all transactions in cryptocurrency are public. That is, anyone in the entire world can see every transaction that is made. There are even specialized tools such as Chainalysis, which is used by ERMProtect consultants, that allow investigators to quickly navigate the blockchain and identify actors. So even though cryptocurrency does not require KYC, it can still easily be traced through the blockchain.

Imagine you want to use crypto to pay your friend back for ordering a pizza. As soon as you send your friend the crypto, he will have enough information to see every single transaction you made. In the same scenario, if you were to use cash or even traditional digital payment such as PayPal your friend would not learn your entire financial history.

It is clear that because cryptocurrency transactions are public, they cannot compete with the privacy afforded by traditional currency. It should be noted that there are some cryptocurrencies and techniques that can be used to improve privacy, however, even with these advanced techniques privacy is not ensured. (I plan to discuss some of these techniques in an upcoming article). Investigators can use tools to quickly analyze the blockchain and identify all of a user's financial transactions. The illusion of privacy in cryptocurrency exposes many uninformed users to a severe invasion of their privacy.

 

Get a curated briefing of the week's biggest cyber news every Friday.

Stop Phishing Attacks with ERMProtect's Security Awareness Training

Turn your employees into a human firewall with our innovative Security Awareness Training.

Our e-learning modules take the boring out of security training.

Intelligence and Insights

PCI DSS Certification

The Most Common Problems with PCI DSS Certification Implementation

This article dissects the most common problems organizations face with PCI DSS certification implementation and the solutions to overcome them …
IT Risk Assessment

Top 10 IT Audit Risks in 2025 and Using IT Risk Assessments to Mitigate Them

This article explores the top 10 IT audit risks for 2025 and provides actionable strategies for mitigating them, notably the use of IT risk assessments …
Business Impact Analysis

Why Performing a Business Impact Analysis is Important for Banks

A look into unique challenges banks face when conducting a BIA, real-world scenarios encountered during BIAs and IT risk assessments, practical steps involved in performing a BIA, and the common pitfalls to avoid during the …