Atlantic Council looks at how to maintain central bank digital currency cybersecurity

cointelegraph.com:

The U.S. thinktank Atlantic Council released a report Wednesday on cybersecurity issues related to central bank digital currencies (CBDC). The authors provide a generalized discussion of CBDC security, but with a clear focus on the United States and issues specific to it.

They determined that the security risks presented by a CBDC depend heavily on its design, with performance, security and privacy being balanced variously in different designs. The report looked at six design options, only three of which are being considered or deployed in real life.

Privacy was identified as the main risk from a CBDC for consumers. In some designs, a CBDC could store a record of user activity and transactions, leading to the risk not only of theft of funds, but also theft of users’ personal information. The report says that:

Reduced regulatory oversight was seen as a risk from the introduction of a CBDC of any type as well. Nonetheless, increased privacy can enhance security, the report said, while still providing “some level” of regulation. The Fourth Amendment to the U.S. Constitution, protecting against unreasonable search and seizure, should apply to the CBDC ledger, the report noted, forcing prosecutors to obtain a court-issued warrant before accessing it.

Related: ‘CBDCs are the natural evolution,’ says HyperLedger director Barbosa

The report provided a range of recommendations for the design of a CBDC. It emphasized that the current system of wholesale and retail payment systems faces significant and complex risks, many of which are the same as a CBDC would face and recommended using existing security systems to safeguard CBDCs too when possible.

The fast recovery of payment volumes on Fedwire, the U.S. Federal Reserve’s domestic