Topic: [ANN][ICO][CDRT] CREDEROOM - a digital era fintech company - ICO Campaign - page 30. (Read 9584 times)

Well, let me explain it to you on example:

1. You are brand new customer
2. You send us request for a loan at Friday at 2pm.
3. In your request you gave us your personal info, job info, your income description
4. Of course we check you in all regular registers: we check if document you provide is correct, if you are working there and how long it is you work there, what were you loans and how did you pay them. Anyway, everything regular.

5. Now we collect another data, available on you, lets start from facebook:

We already now you are 19. From your application. People in that age are not very reliable borrowers.
We check your posts and see that each night at Friday you get drunk.

So obviously - you are trying to get money to get drunk today. Probably you will be refused.

BUT it wouldn't be all

Based on your education, finished or continuous, your friends, relatives and so on we can make one more step:

What if we give you a loan today? There chances you will not repay it on time. Ok, but will you repay it at all? Maybe you are likely to understand in your 25, that credit score is important and you will repay that old loan? Well, we can predict that things and based on that - predict how much money we will loose or win. We can loose loan amount, on the other hand we can win - interests for all this time, fine, collectors fee and so on.

And all this will be done automatically in short time. Manager will only have to make final check

So, if you keep all versions of all documents you will have to have huge IT Infrastructure? Say if normally you would need 1 server, then in your case you will need 10-20 instead?

You say you process a lot of data. What do you do with it?

Sure you can, though the HR in each country will try to get best of the best )

It is really hard to explain the whole idea in short post.

There is really huge amount of data that we collect, process and keep. We have to be sure in certain points:

1. we will not loose data because of server/network failure. Regular backup, distributed and redundant storage, regular software updates goes here. Actually it is common for all IT companies.

2. data is up to date and if it was altered it happened it was made correctly: no hack happened, no dishonest employee and so on.

3. data access control

So for paragraph 2 and 3 blockchain will be used.

No one will be able to access data without permission based on private/public keys on blockchain. Update of private/public keys to blockchain is also subject to control. Data will never leave the storage unencrypted. Remember how it is in google, that their local network is not using ssl?

Logging - every access to and action with data will be logged on blockchain. So, before get access to data you have to get your public key in blockchain and server has to accept it. Here we control how many keys there are, when and how they are issued, if they changes were old ones revoked correctly. If the key is new how it was created?

Now, if you get through this and you have new key you have to setup the corresponding access level to yourself. Which is also subject to blockchain.

When you access data, each step will be logged in blockchain, so no wiping logs can happened.

Each version of document has hash stored on blockchain, so we know which version should be restored if the problem occurs.

So, user data will still be on your private servers?

The main idea is not to store documents any where. The main idea is to keep it all and keep it unchanged.

Let's say some one took a loan, paid it back with huge delay and big fine. Now he would like to take new loan.

As for now, this info is stored anyway, but theoretically it can be corrected: by inside personal or outside hacker or whatever. Yes, it happens rare, but it can happen. And theoretically you can wipe the traces of this change.

With keeping dates, hashes and access data on blockchain it can happened too, but you will not be able to wipe traces. And the original info will still remain.




 

I mean I would join the team in Netherlands, bounty is not for me ))

Yes, and how the hell you will be able to store all this private data, government will go after you as enraged bull

Why didn't you join bounty? We have options for translations.

I would gladly do Dutch

As far as I understood your Whitepaper, you will store credit score into blockchain. And now you say it is only hashes of documents? What it will really be? 

We are always welcome community to participate, but when localization will be started it will be full-time job, while most of people here participate in blockchain as hobby. If someone will decide to join our team of course this will be positive

If we speak about Blockchain network hack, than the good thing is we always can do hard fork and return to the time before hack.

Well, there will always be security experts and hackers. There will be no final winner in this game )

User's private keys will be stored in personal chip card secured with pin. So users will be required to keep it safe.

Public keys, well they are public )

The thing we really worry about is to protect ourselves from what happened in Estonia this year. You might know everyone there have id card with private key and it is widely used in services, both governmental and private. Vulnerability in key pair was found, there was possible to recover private key from public.

But this actually not the problem of using blockchain, but problem of key pair creation



 

I guess you are right, we all remember the Ethereum hack

It becomes a little bit clear for us now. But you are giving critical info to third-party. Or it is even wrong word - you are giving it to the whole world. Is it really secure?

Another security options is blockchain Certificates. To access corporate infrastructure you will have to create secure connection to it with your own keys.

This keys will correspond with current user access level will also be stored on blockchain.

There will be no CA to hack to get access and again, unauthorized change will be easy to detect.

So after all, not that much transactions will be needed.

Well, you absolutely right, we will try to keep in blockchain only critical info, compressed and encrypted. The most of our critical data is text, so it compression with help to minimize its size.

But the main idea though is to keep documents themselves on our own server infrastructure, but keep hashes of documents on EMC blockchain. If document was changed by authorized person, new version of hash and timestamp of change will be stored in blockchain.

Combining it with regular backup we will be able to detect unauthorized document change

By the way, speaking of devs, In the road map you say there will be translation to European languages. Will you get interpreters in the crypto community and offer them a job or just hire ones in their countries?