See More

Bank for International Settlements Wants to Protect CBDCs From DeFi Hacks

2 mins
Updated by Michael Washburn
Join our Trading Community on Telegram

In Brief

  • Project Polaris by the Bank for International Settlements outlines a framework to protect CBDCs from cyber threats.
  • The framework will require banks to assess their operations, including data protection and business continuity plans.
  • The BIS model assumes a two-tier CBDC system where commercial banks handle retail functions and anti-money laundering.
  • promo

The Bank for International Settlements’ New Project Polaris will investigate how to protect retail central bank digital currencies (CBDCs) operations from risks posed by cyber threats.

The BIS said a hack of the Bangladesh Bank and numerous decentralized finance hacks in 2022 underscores the need to harden the infrastructure banks intending to issue CBDCs must use. Threat actors could destabilize economies and erode central bank trust if retail CBDC operations are not protected by a resilient cybersecurity framework.

BIS Says Fighting Cyber Threat Risk in Two-Tier CBDC System Needs Cooperation

The BIS model assumes a two-tier CBDC system where the central bank knows the balances of each member. Commercial banks handle retail functions and are responsible for anti-money laundering enforcement.

Project Polaris resilience framework to protect a retail CBDC system from risks posed by cyber threats.
Resilience Framework to Combat CBDC Cyber Threats | Source: Bank for International Settlements

Dubbed Project Polaris, the new resilience framework will prompt banks to assess their baseline operations, including management structures, plans for business continuity, and how they protect data. Then, they can streamline software security testing through DevSecOps, a method to develop software quickly without compromising security. Other important considerations include zero-trust technologies.

Moreover, banks need to assess threats to core CBDC operations and the responsibilities each party has. Retail endpoints must be hardened and user data protected with established methods to prevent leaks. In addition, each bank should have a dedicated emergency team, and the CBDC system must scale to minimize the risk of denial of service attacks.

Banks must also share cyber intelligence, establish a normal transactional activity baseline, and conduct regular security checks., a company using artificial intelligence to fight cyber threats in DeFi, says the time a project takes to detect a hack is seven days.

Learn here the primary differences between crypto and banking.

Like in the BIS framework, cloud services and wallet frontend endpoints expand the attack surface for Web3 users. AnChain’s Web3SOC cyber risk framework shares best practices from the National Institute of Standards with the BIS proposals.

Retail CBDC Payments Like Digital Euro Still Theoretical

So far, major economies and banks have largely focused on testing settlements between banks rather than retail payments. Concerns abound about whether banks would abandon their data privacy policy.

The UK’s project Rosalind is an exception, which successfully tested retail peer-to-peer payments last month.

Elsewhere, European Union citizens are not keen on the window a digital euro would offer into their personal transactions. Additionally, the public consensus is that the project could be a solution in search of a problem.

The UK tested a Real-Time Gross Settlement System earlier this year to help banks settle transactions faster. FedNow, a similar project aimed at US banks, has onboarded 57 trial participants. It will roll out in late July.

Yesterday, the New York Fed confirmed a trial with BNY Mellon, Citigroup, Morgan Stanley, and others, proving a wholesale CBDC’s speed advantage.

Got something to say about risks CBDCs face from cyber threats or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTokFacebook, or Twitter.

Top crypto projects in the US | July 2024
Harambe AI Harambe AI Explore
Uphold Uphold Explore
Exodus Exodus Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | July 2024
Harambe AI Harambe AI Explore
Uphold Uphold Explore
Exodus Exodus Explore
Coinbase Coinbase Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | July 2024



In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C,...