Precision time protocol built for Zero Trust Architecture
In this article:
There are some security concerns with NTP because it uses a stateless protocol for transport and is not authenticated. Also, there have been some incidents of denial of service attacks against NTP servers making them temporarily unavailable to supply time information.
The rise of the cashless trend underscores the necessity for a robust and resilient time synchronisation solution to address challenges posed by satellite connectivity failures and cybersecurity risks.
Having a complete, secure, resilient time service built on Zero Trust makes the necessary foundation for an entire network infrastructure allowing reliable authentication, systems monitoring, event detection and rapid response as well as post-facto forensics and analysis.
“Network time often falls through the gaps of cybersecurity practices, creating high operational risks for regional and community banks, and financial services.”
“In payment applications, implementing Zero Trust Architecture requires a strong foundation of secure and resilient precision timing. This enables time-based authentication and supports forensic analysis that would otherwise be impossible.”
Digital transformation and payment processing platforms
Everyday the prospect of a cashless payments draws closer, with only four in ten US and one in six UK transactions now being made in cash. A rising number of businesses are going through digital transformation and refusing to accept cash, with many opting to become card-only in the past years.
The cashless phenomenon is symptomatic of a wider cultural shift towards digital transformation. Over the last few centuries technology has increased the global reach and average speed of human life pace. Financial transactions have become increasingly fast and convenient, which in turn spurred economic growth. Our reliance on the convenience brought about by all things digital is growing every day, and at an exponential rate. However, digital transformation does not always lead to extra security.
The role of accurate time synchronisation
Going through digital transformation and becoming cashless is convenient – it eliminates the middleman, helps avoid corruption and is effective in fighting organised crime. Nevertheless, the convenience has a flip side – digital vulnerability. Indeed, a cashless society calls for a fundamental agreement on when digital transactions took place. A way to ensure that such agreement is in place is by having accurate time synchronisation, traceable timestamping, and Zero Trust Architecture. Timing is also a necessary component of global, regional and community banking– regulations such as the Second Markets in Financial Instruments Directive (MIFID II) in the EU, and Consolidated Audit Trail (CAT) in the US legally require time synchronisation and timestamping to be accurate and reliable.
This increasing popularity of living cashless coupled with the intensifying level of demand for cybersecurity and trusted timestamping has exposed the essential need for a systemic solution for when things go wrong, a failsafe backup system to correct any misalignments. If global, regional, or community banks were to lose their satellite connectivity, digital payment systems would begin to fail and a cashless society would begin to crumble. Indeed, few people realise how dependent we are on the satellites that play a role in our everyday lives.
While GNSS signals are widely available and free, they are subject to interference and are becoming more vulnerable to assault. Satellites in a 20-kilometre medium-earth orbit broadcast one-way signals in the 1.2-1.6 GHz waveband. This implies that they can be easily disturbed, either deliberately or inadvertently. The most common causes of GNSS disruption are unintentional interference, jamming and spoofing. Unintentional interference occurs when radio waves are generated by equipment ranging from microwave ovens to faulty antennas, drowning out weak GNSS signals. Intentional interference ('jamming') is becoming more prevalent, most notably when commercial drivers jam their on-board monitoring systems to obscure their tracks. Spoofing is a more advanced kind of interference in which fake GNSS signals are created to fool GNSS receivers into thinking they are in another location.
Additional to that, the reliability of the time source matters. During a criminal or forensic examination, the timestamps on your network may be compared to devices outside. Because of this, you want to make sure the source you are using is as accurate as possible. One of the most common protocols in use for time synchronisation is NTP. NTP servers are often temporarily unavailable to supply time information when they are under denial of service attacks.
Accurate time synchronisation for Zero Trust Architecture
The big question is this - How can digital payment systems function well in the digital economy?
This is where accurate time synchronisation and traceable timestamping come in. These timing solutions work by linking grandmaster clocks to multiple primary UTC sources in a timing hub, which means that connectivity providers can syndicate highly accurate time to servers in any data centre in the world over Internet Protocol via low-latency fibre cables. Time synchronisation software then adjusts the server clock to match the time feed, measures the internal latency and creates traceable and trusted timestamps logs, which are stored in the cloud.
Timing providers have developed systems built on a network of mutually robust cloud timing hubs, each of which is made up of three nanosecond-accurate grandmaster clocks linked to three distinct sources. The hubs compare the various timing sources on a regular basis to guarantee that accurate time synchronisation and traceable timestamps are always maintained. Thus, network delivered traceable timestamping solutions are bound to become even more relevant as we move towards Zero Trust and a completely cashless life.
Ready to learn more?
When thousands of transactions take place every second, this level of accuracy and reliability is required to give global, regional and community banks confidence that their transactions are being securely handled. A highly accurate timing solution built on Zero Trust Architecture is ready to be rolled out without the purchase and installation of additional timing infrastructure.
Hoptroff Traceable Time as a Service (TTaaS®) is a range of network and software-based timing solutions that are simple, resilient, and cost-effective.
Whether you need the security of verifiable time for compliance, or nanosecond delivery, our obsession with accuracy will transform your business.
