Vendor fraud gets red light from startup using blockchain on IBM Cloud

Share this post:

payment platform combat vendor fraudFortune tells the story of how a scam involving email phishing and fake suppliers victimized the most sophisticated, tech-savvy corporations.

A fraudster forged email addresses, invoices and corporate stamps to impersonate a large, Asian-based manufacturer with whom the tech firms regularly did business to trick two companies into paying for computer supplies.

Over a two-year span, the accounting departments at the companies made transfers worth tens of millions of dollars. By the time the firms figured out what was going on, they had paid out more than $100 million, which had been deposited in bank accounts across Eastern Europe.

If vendor fraud can happen to companies as big and sophisticated as those in the Fortune story, it can happen to anyone. That is why technology startup SiS has created a tamper-proof shared ledger of verified payment information for thousands of companies in Europe.

Choosing blockchain technology

SiS leaders realized that to prevent vendor fraud, companies needed a better way of sharing and managing bank account information. They wanted to create a platform where accurate information could be exchanged securely.

The SiS vision was a decentralized, community-driven effort that every business could trust, and where every business would be accountable for keeping its own banking information up to date.

For this reason, the company looked at blockchain, the distributed ledger technology, which, according to ComputerWorld, “has the potential to eliminate huge amounts of record-keeping, save money and disrupt IT in ways not seen since the internet arrived.”

Preventing vendor fraud in the cloud

SiS knew it needed to build its own blockchain and it wasn’t long before it discovered the Hyperledger project. Hosted by The Linux Foundation, Hyperledger is a global collaboration among leaders in finance, banking, Internet of Things (IoT), supply chains, manufacturing and technology.

IBM was a contributor and SiS looked to the company to help transform the vision into reality.

SiS had previously worked with a commodity cloud provider, but leaders decided to build their new system on IBM Cloud. Using the IBM Cloud Kubernetes Service, SiS deployed its own Hyperledger image in a Docker container and integrated it with several other container-based IBM Cloud services. The whole environment is managed by Kubernetes, which automates resource management to provide resilience and instant scalability.

SiS customers use an API integrated with their existing financial systems. They can then confirm whether their vendors’ International Bank Account Numbers (IBANs) are verified.

The SiS solution uses a risk assessment system that operates similarly to a traffic light. Green means the bank account is verified in the blockchain. Orange indicates that the account is unknown. Red warns users that there’s a potential problem, such as the bank account doesn’t exist, the company is out of business or something else is out of the ordinary.

Gaining a high level of confidence against vendor fraud

The SiS blockchain solution is now in production and already contains verified bank account information for more than 160,000 companies. The service is used to validate approximately 500,000 transactions per month.

Typically, 80 percent of transactions get a green light and are processed immediately. This time savings for the accounting team translates to a positive return on investment for the service within just months.

Together with IBM, SiS is building a community that offers protection from fraud. There is safety in numbers; working together and sharing trusted data makes every company stronger. SiS is so confident in the service that it includes insurance that indemnifies customers against vendor fraud.

Read the case study for more details.

More Security stories

7 pillars of a strong hybrid cloud security strategy

Hybrid cloud environments give companies the best of both worlds. They offer the elasticity and operational expenditure of public clouds with the data sovereignty, security and control found in a private cloud environment. By combining the two, companies can allocate workloads to the environment that makes the most sense for them. As organizations build these […]

Continue reading

5 data security techniques that help boost consumer confidence

These days, it seems like hardly any time passes between headlines about the most recent data breach. Consider the revelation in late September that a security intrusion exposed the accounts of more than 50 million Facebook users. For that matter, not much time goes by without a new survey or study that confirms the difficulty of […]

Continue reading

Machine learning: A key weapon in the cybersecurity battle

Since the dawn of the internet, companies have been fighting to stay ahead of cybercriminals. Artificial intelligence (AI) and machine learning have made this job easier by automating complex processes for detecting attacks and reacting to breaches. However, cybercriminals are also using this technology for their own malicious purposes. More and more hackers are exploiting […]

Continue reading