Three cloud computing providers, Microsoft, Google and IBM, are all pitching the concept of confidential computing to banks.
Today in cloud computing deployments, data is protected at rest (sitting encrypted in a database or on disk) and in transit (encrypted on the wire between systems), but not while it is in use: when a software application such as a marketing, fraud detection or cybersecurity program loads the data into memory to work on it, the data sits there in plaintext, readable by any software with sufficient privilege on the host.
Confidential computing fills this gap, cloud providers say. It runs sensitive applications in a walled-off area of a computer called a hardware-based secure enclave or trusted execution environment (TEE). The processor encrypts the enclave's memory and refuses access from outside it, so the data in use cannot be read by other software on the same machine, including the host operating system, the hypervisor and the cloud provider's own administrators. The customer does not have to take that on faith: the hardware produces a signed attestation report of what code was loaded into the enclave, which the customer can verify before sending it any data or keys.
This is not a new idea. It's been around since at least 2015.
But several hardware providers, including Intel, AMD and Nvidia, have recently begun supporting it, making it more of a practical reality. And cloud computing providers have made their clouds — Microsoft Azure, Google Cloud, IBM Financial Services Cloud and Amazon Web Services — work with this hardware-based security.
Banks could use confidential computing in many ways, and some, such as RBC, already do.
One use is sharing information about transactions with each other, for instance to detect money laundering, without exposing personally identifiable information or transaction details to competitors: the pooled data is processed inside the enclave, and only the result leaves it.
In this scenario, a customer goes to Bank A and deposits $9,999 in cash (just under the $10,000 threshold at which a bank files a currency transaction report; splitting deposits to stay under it is known as structuring and is itself a red flag), goes to Bank B ten minutes later and deposits another $9,999, then does the same at Bank C. By the time the person gets to Bank D, there would be a red flag on that person's account. The flag would not reveal details of the earlier transactions or which banks took them, but it would prompt Bank D to ask some questions about the deposit.
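The following is an added, constructed illustration of the cross-bank check just described; it is not code from the article or from any cloud provider. A `StructuringMonitor` object stands in for the code that would run inside the enclave: banks submit deposits, and the only thing that ever comes back out is a per-query yes/no. The detection rule (three or more sub-threshold deposits at two or more banks within 24 hours, totalling at least $10,000), the bank names, the identifier `ID-123` and the timestamps are assumptions made for the example.

```python
"""Cross-bank structuring check with a minimal output surface.

Constructed example. In production the monitor lives inside the TEE; here it is
an ordinary Python object so the logic can be run and tested."""

import hashlib
import hmac
import secrets
from collections import defaultdict
from dataclasses import dataclass

CTR_THRESHOLD_USD = 10_000          # cash threshold for a currency transaction report
WINDOW_SECONDS = 24 * 60 * 60       # assumed look-back window for the rule
MIN_SUBTHRESHOLD_DEPOSITS = 3       # assumed: flag from the third sub-threshold deposit on


@dataclass(frozen=True)
class Deposit:
    bank: str          # submitting institution
    national_id: str   # identifier shared across banks (assumed, e.g. a tax ID)
    amount_usd: int
    ts: int            # Unix time of the deposit


class StructuringMonitor:
    """Pools deposits from many banks and answers only 'flagged or not'."""

    def __init__(self):
        # Key that never leaves the monitor: identifiers are stored only as
        # keyed hashes, so the pooled store never holds raw national IDs.
        self._pseudonym_key = secrets.token_bytes(32)
        self._history = defaultdict(list)   # pseudonym -> [Deposit, ...]

    def _pseudonym(self, national_id: str) -> str:
        return hmac.new(self._pseudonym_key, national_id.encode(),
                        hashlib.sha256).hexdigest()

    def submit(self, d: Deposit) -> bool:
        """Record a deposit and tell the submitting bank only whether the
        customer is now flagged. No amounts, banks or timestamps leave."""
        if d.amount_usd <= 0:
            raise ValueError("deposit amount must be positive")
        p = self._pseudonym(d.national_id)
        self._history[p].append(d)
        return self._is_flagged(p, now=d.ts)

    def _is_flagged(self, p: str, now: int) -> bool:
        # Sub-threshold deposits inside the window, across all banks.
        recent = [x for x in self._history[p]
                  if now - WINDOW_SECONDS <= x.ts <= now
                  and x.amount_usd < CTR_THRESHOLD_USD]
        if len(recent) < MIN_SUBTHRESHOLD_DEPOSITS:
            return False
        if len({x.bank for x in recent}) < 2:
            # One bank can see this pattern on its own; the pool adds nothing.
            return False
        return sum(x.amount_usd for x in recent) >= CTR_THRESHOLD_USD


def run_scenario():
    """The walk from the text: $9,999 at Bank A, B, C and D, ten minutes apart.
    Returns the flag each bank was shown, in order."""
    mon = StructuringMonitor()
    t0 = 1_700_000_000
    results = []
    for i, bank in enumerate(["Bank A", "Bank B", "Bank C", "Bank D"]):
        d = Deposit(bank=bank, national_id="ID-123", amount_usd=9_999, ts=t0 + 600 * i)
        results.append(mon.submit(d))
    return results


if __name__ == "__main__":
    print(run_scenario())   # [False, False, True, True]
```

Under this rule Bank C is the first to see the flag and Bank D sees it too; Bank A and Bank B see nothing. The privacy property the enclave provides is the narrow interface: a bank can only ask by submitting a deposit of its own, and the answer carries no amounts, institutions or times, so Bank D learns that something is off without learning what A, B and C saw.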
"Suddenly the money laundering signal becomes much, much stronger," said Nelly Porter, head of product, Google Cloud Platform confidential computing and encryption at Google.
Interest in confidential computing has always existed among Google Cloud's bank customers, according to Porter.
"But we definitely see the increase of adoption, understanding and awareness," she said.
Stronger privacy regulations make the need for such technology more urgent, she noted.
So does the "global mistrust that is growing in this ongoing war."
"There is definitely this realization that a great way to protect data is mandatory and it must cover the entire life cycle," Porter said. "That's where confidential computing is working really nicely."
The need to protect data in use
Cloud leaders at IBM, Microsoft and Google all said protection of data in use in the cloud has been a missing link that's important to fill in. (Amazon also offers a version of confidential computing, AWS Nitro Enclaves, built on its Nitro System, but declined a request for an interview.)
"If you think of an office building, there are going to be a whole bunch of different security measures in place for anyone entering that office building," said Hillery Hunter, chief technology officer for IBM Cloud. Workers "may need to badge in at the front door, sign in with a security desk; they may need to use their badge in the elevator to go to a permitted floor. They may then need to use their badge, or biometrics even, to get into the particular floor that they're supposed to be working in."
All this security is analogous to the security cloud providers already have, such as identity and access management, network security and isolation of users, she said.
"But yet there are some conversations that are so sensitive, sometimes having to do with people's personal information, HR kind of conversations that lead people in even open office floors to go off into a conference room and have a truly confidential conversation," Hunter said.
A secure enclave is like that conference room, she said.
"You can have a confidential conversation with a trusted party and the information stays there, no one else is party to it, and there's literally no other way for anyone to get that information unless you choose to share it," Hunter said. "It is an additional step to protect the most sensitive data."
Until recently, confidential computing has existed in a limited way, she said.
"There have been these in-memory-based confidential computing approaches that help you protect a couple hundred megabytes of data at a time," Hunter said.
IBM and others have been working to scale this to handle terabytes of data, she said, to enable companies to protect entire databases.
"So think of it not just as a breakout room for two people to sit on stools at a bistro table, but an entire auditorium where very confidential things can be done en masse," Hunter said.
Google has also been working on scaling the technology, Porter said.
"Customers don't come to the cloud to run many tiny applications," Porter said. "They come to the cloud to run huge databases and high-performance computing workloads."
Use cases for banks
IBM has worked with some bank clients to aggregate data for fraud detection purposes using the confidential computing component of IBM's Financial Services Cloud.
"If you're willing to share information securely, you can potentially identify fraud across a set of businesses of a similar type, because you can begin to see the bad actors who are attempting to evade detection," Hunter said. "But if multiple companies look at their data, they can see that commonality in fraud."
Clients also use confidential computing to protect encryption keys.
"If data wanders off, it's encrypted," Hunter said. "But if the keys wander off, then you have a problem, because then someone has the decoder ring to your encrypted data. And so using confidential computing as a means to protect the keys is a fundamental part of what we've been doing in the cloud for financial services in particular."
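The following is an added, constructed illustration of how a key is kept inside an enclave in practice, not code from IBM or any other vendor: a key release service hands the customer's key over only after checking the enclave's hardware attestation report for a valid vendor signature, a fresh nonce, a known-good code measurement and a non-debug enclave. The report layout, the HMAC standing in for the hardware vendor's signature, the build strings hashed into measurements and the class and function names are all assumptions made for the example; real platforms sign reports with vendor-certified asymmetric keys and carry more fields.

```python
"""Attestation-gated key release.

Constructed example. A KeyReleaseService releases a key only to an enclave
whose attestation report passes every check; one failed check means no key."""

import hashlib
import hmac
import json
import secrets

# Stand-in for the hardware vendor's signing key. Real reports are signed by a
# vendor-certified key, and the releasing service holds only the public half.
_VENDOR_KEY = secrets.token_bytes(32)


def sign_report(fields: dict) -> dict:
    """Simulates the CPU producing a signed attestation report."""
    body = json.dumps(fields, sort_keys=True).encode()
    return {"body": body, "sig": hmac.new(_VENDOR_KEY, body, hashlib.sha256).digest()}


class KeyReleaseService:
    """Holds the customer's key and releases it only to an attested enclave."""

    def __init__(self, key: bytes, allowed_measurements: set):
        self._key = key
        self._allowed = allowed_measurements
        self._nonces = set()    # nonces issued and not yet consumed

    def challenge(self) -> str:
        """Fresh nonce the enclave must embed in its report (replay defence)."""
        n = secrets.token_hex(16)
        self._nonces.add(n)
        return n

    def release(self, report: dict) -> bytes:
        """Return the key if the report is genuine, fresh, from an allowed
        build and from a non-debug enclave; raise PermissionError otherwise."""
        expected = hmac.new(_VENDOR_KEY, report["body"], hashlib.sha256).digest()
        if not hmac.compare_digest(expected, report["sig"]):
            raise PermissionError("report signature invalid")
        f = json.loads(report["body"])
        if f.get("nonce") not in self._nonces:
            raise PermissionError("stale or unknown nonce (replay?)")
        self._nonces.discard(f["nonce"])            # single use
        if f.get("debug"):
            raise PermissionError("debug enclaves can be inspected; refusing")
        if f.get("measurement") not in self._allowed:
            raise PermissionError("unexpected code measurement")
        return self._key


def _attempt(svc: KeyReleaseService, report: dict) -> str:
    try:
        svc.release(report)
        return "released"
    except PermissionError:
        return "refused"


def demo() -> dict:
    """Runs one honest release and four attacks; returns the outcome of each."""
    key = secrets.token_bytes(32)
    good = hashlib.sha256(b"enclave-build-1.2.3").hexdigest()      # assumed known-good build
    bad = hashlib.sha256(b"enclave-build-with-backdoor").hexdigest()
    svc = KeyReleaseService(key, {good})
    out = {}

    # Genuine enclave running the approved build.
    rep = sign_report({"measurement": good, "nonce": svc.challenge(), "debug": False})
    out["good"] = svc.release(rep) == key

    # Same report presented again: its nonce was already consumed.
    out["replay"] = _attempt(svc, rep)

    # Modified code: the measurement no longer matches the allow-list.
    out["tampered"] = _attempt(svc, sign_report(
        {"measurement": bad, "nonce": svc.challenge(), "debug": False}))

    # Approved build, but launched in debug mode, where memory can be read.
    out["debug"] = _attempt(svc, sign_report(
        {"measurement": good, "nonce": svc.challenge(), "debug": True}))

    # Forged report: right fields, but not signed by the vendor key.
    body = json.dumps({"measurement": good, "nonce": svc.challenge(), "debug": False},
                      sort_keys=True).encode()
    out["forged"] = _attempt(svc, {"body": body,
                                   "sig": hmac.new(b"attacker", body, hashlib.sha256).digest()})
    return out


if __name__ == "__main__":
    print(demo())
```

The order of the checks matters: the signature is verified before any field is trusted, the nonce is consumed before the measurement is compared so a rejected report cannot be retried, and a debug enclave is refused even when its measurement is on the allow-list, because debug mode lets the host read enclave memory.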
Some bank clients use confidential computing to protect intellectual property and customer data, said Mark Russinovich, chief technology officer of Microsoft Azure.
RBC is one example, he said.
The Toronto-based bank, which has $1.4 trillion of assets, wanted to connect merchants with their customers with targeted offers. (RBC declined to comment for this story because it is in a quiet period.)
"The consumer's out at the pharmacy or the drug store, grocery store buying things," Russinovich explained. "All RBC sees is the credit card receipt for the amount. The merchant knows exactly what they bought: a tube of toothpaste and some shampoo. RBC wants to enable the merchants to give those consumers targeted advertisements, targeted offers without letting the merchant see the consumer and without RBC seeing the merchant and what the consumer purchased. The merchant doesn't see the RBC data either, because that includes lots of merchants' transactions."
RBC uses confidential computing in Azure to let merchants and RBC combine their data, run AI algorithms on it, and then figure out how to target consumers, he said.
"If you look at the pressures on advertisers, especially with Europe's big focus on consumer privacy, this kind of arrangement ensures that consumer privacy is protected and the parties involved also protect their data, yet allow for this very targeted advertising that is beneficial to consumers and advertisers," Russinovich said. "I view this as the template for the future of advertising."
Microsoft and Google let cloud customers launch confidential virtual machines, and databases running inside them, whose memory is encrypted by the processor and shielded from the host. The hardware also produces an attestation report of the VM's launch state, which the customer should verify before releasing keys or data to it; the encryption alone says nothing about what code is running in the box.
"You don't change any lines of your code," Porter said. "You simply run it in this confidential box and it'll take care of the rest. You don't need to have a special security PhD or be a cryptographer."
All agree customer interest has picked up lately.
"We really see this is the year that confidential computing has really started to take off," Russinovich said. "We've seen a lot of momentum with customers in the financial space, especially around confidential computing."