Haventec’s Robert Morrish Talks Security, Blockchain and BLOCKLOAN

With a mission to create a global lending protocol that provide a secure blockchain environment for businesses and consumers, we have partnered with Haventec, top cybersecurity tech company.

We had a chat with Robert Morrish, Haventec’s CEO, and he told us a little more about how their solutions work and will integrate with BLOCKLOAN and the future of data and blockchain technology.


Tell us a little about Haventec?

Haventec is an Australian cyber security software company with a internationally patented technology platform that delivers innovative decentralised security solutions to prevent and protect against account fraud, transaction fraud and information theft.

The Haventec decentralised security platform consists of two products; Haventec Authenticate and Haventec Sanctum. Our security platform uses a foundation of one time use crypto puzzles that change and evolve on every interaction to break apart and protect critical information stores.

Haventec’s core value proposition of the decentralised security solutions deliver real outcomes to our customers by:

  • Removing hacker motivation, opportunity and reward to steal information
  • Reducing cyber security risk
  • Eliminating exposure to legislative and regulatory liabilities
  • Enabling greater business adoptions of digital transformation initiatives
  • Supporting simple and easy to use user experiences that make the customer safe

Haventec’s has a natural horizontal business model that means we can apply our solutions to any and potentially all vertical industry sectors. However, as a startup we must focus on solving real problems for a specific set of target industries, for which have remain focused on four that specifically include; Digital Banking, Marketplace Exchanges, Payment Platform and Blockchain/Crypto assets.


How do you help businesses become more secure? 

The Haventec decentralised security platform consists of two products; Haventec Authenticate and Haventec Sanctum. Our security platform uses a foundation of one time use crypto puzzles that change and evolve on every interaction to break apart and protect critical information stores.

Haventec Authenticate is a decentralised authentication broker that eliminates the need for organisations to centrally store user credentials while removing their exposure to traditional account attack strategies such as, password cracking, phishing, pharming, shoulder surfing, social engineering and mass account breach.

Haventec Sanctum is a decentralised data vault system that eliminates the need for organisations to store sensitive data centrally on their networks. Removal of these centralised stores of critical information significantly reduces organisational exposure to the various regulatory and legislative liabilities that many businesses are currently struggling to address and manage.

Name some of the businesses you work with?

Haventec has identified a growing trend in fraud on blockchain and cryptocurrency solution. To date we have seen reports of up to $1.7b US dollars in crypto asset fraud occurrence since the beginning of January 2018. Looking at the root or origin of the fraud attacks we saw that the cyber hackers are targeting their attacks on the end user crypto wallets, as breach of the private key stored in the crypto wallets will result in the hacker gaining full control of the assets held by the account associated with that wallet.

In addition to this there has been a growing trend of the hackers targeting the offline wallet management services that crypto exchanges are offering to their customers, which have become a centralised honeypot for mass crypto wallet breach as we saw happen to Tokyo based Coincheck in Japan where that lost over $500m is a single breach incident.

Haventec is confident that should Coincheck have been using our decentralized solutions that breach or the quantum of that attack would have never occurred.

Haventec is currently working with a few blockchain solution providers and decentralised applications in Australia which includes; BLOCKLOAN, Lumachain and Market Grid Systems.




How will you help BLOCKLOAN become more secure?

Haventec’s decentralised security products will enable BlockLoan to take to market a world leading crypto wallet and secure wallet management services that will not require BLOCKLOAN to centrally store this critical information on their network.

The first stage is to deploy the Haventec Authenticate decentralised authentication solution to the front door of the BLOCKLOAN crypto wallets and decentralized applications. This will enable BLOCKLOAN to eliminate the need to hold centralised stores of user credentials and provides a seamless two factor strength authentication as the foundation of the user account security. Haventec Authenticate will also improve the risk position of BlockLoan by eliminating the risk of a number of common account credential hacks, including; password cracking, phishing, pharming, shoulder surfing, social engineering and mass account breach.

The second stage is to deploy the Haventec Sanctum decentralised online vault solution to encrypt and protect the security of the BlockLoan crypto wallets on end user devices. There sanctum vaults will require an authenticated session to become active prior to the valid reconstruction of the wallet information held in the sanctum online vault. In addition to this the Sanctum online vault has the extra protection of the Haventec device fingerprinting system that is contestant validating that vault information request is always coming from the valid registered device.

The third stage of decentralisation will be to deploy the Haventec Sanctum offline vault solution into the BLOCKLOAN platform enabling a secure backup and recovery mechanism for the end user crypto wallets held on their devices in the Sanctum online vault solution. The Sanctum offline vault enables BLOCKLOAN to deliver wallet management services that are formed on a decentralised security foundation that eliminates the risk of mass account breach in a single incident.


Can you share some tips on how a business can secure their online solutions?

Haventec is able to deliver our products to organisations in two ways; 1) on premise software, where a business can buy our solutions and we will work with them to deploy, configure and integrate the Haventec solutions into their ecosystems and application. 2) Cloud hosted Software as a Service, where we provide a fully managed service out of our AWS ecosystem from any available AWS region in the world. The SaaS offering is available in both a multi-tenant shared hosting solution or single-tenant dedicated hosting solution.

The fastest way to try us out is to go to our docs.haventec.com and click the button “Go to Demo Console” where you can create your organisation to enable testing and trial of the Haventec solutions. Our online docs should give you enough information to try it out and our development team is readily available to answer your questions as you go.


What are your thoughts on the future of the space?

Introducing the problem: There is a narrative around the digital world still relying on a 60+ year old foundation that is username and password. It was not invented as a security mechanism to protect highly sensitive digital transactions and for this reason the world has become accustomed to adding layer upon layer of additional security solutions in an attempt to secure an untrusted ancient technology. Many organisations have then relied on Two Factor Authentication (2FA) that uses One Time Pins (OTP) sent over either SMS or Email channels to the end user in an attempt to validate user identity integrity, but unfortunately this is also no longer trusted. Today it is that email and SMS channels are easily compromised by the modern hacker rendering these OTP’s costly and ineffective. US standards organisation NIST last year removed SMS and Email on OTP remove their trusted security standards.

The problem is evolving: The shape, structure and behaviours of modern businesses have also changed. We used to build businesses a lot like Fort Knox where were did a concrete bunker in the ground and build walls and fences to defend and keep the bad guys out. But today’s modern businesses look a lot more like shopping malls, where there are many service providers, multiple access points and people coming and going day and night. This has resulted a dynamic change in in the organisational perimeter which is now considered to be wherever the user identity and sensitive data is moving.

Compounding the problem: In addition to the ageing technologies and changing dynamics of business, we have a massively increasing volume of highly valued information in our digital ecosystem which is resulting in increasing regulatory and legislative constraints on businesses. According to Mary Meeker’s article in the Internet Trends Report 2018 “When you have rising monetisation, rising growth and rising data collection, it drives a lot of regulatory scrutiny whether it’s related to data privacy, competition or safety in content.” Just this year we have seen significant change in privacy and data breach regulations globally with introduction of the National Data breach Scheme in Australia and the introduction of PSD2 and GDPR in Europe. These regulatory changes are only increasing the burden, cost and risk of compliance for organisations which is creating an almost perfect storm for significant changes in the approach to compliance and security.

Haventec decentralised security is a solution: Haventec enables organisations to directly address these three problem areas though our decentralized security solutions


Thanks for sharing your insights Robert – Haventec is an integral part to keeping BLOCKLOAN’s infrastructure safe and secure!

Read more: