enterprisesecuritymag

Rivetz: Can Blockchain Remedy Corporate Security Headaches?

Steven Sprague, CEO, RivetzSteven Sprague, CEO The blockchain revolution began with Bitcoin, a meteoric cryptocurrency that has garnered equal parts praise and skepticism. The harshest Bitcoin critics lambast it for lacking intrinsic value, but few – if any – question the value of underlying blockchain technology.

Blockchain technology with its distributed ledger is quietly redefining the corporate cybersecurity paradigm. But most of those blockchain solutions have to do with the inability to change or steal the information once it’s recorded. It does not make sure the person accessing the information is who they say they are, and does not ensure that person has permission to conduct those transactions.

Blockchain is a distributed ledger technology that encrypts a transaction through complex mathematical algorithms. Because of the strength of this math, the transaction can only be decrypted by those who hold the private key to that transaction. Multiple copies of the ledger of these transactions are stored in many places, decentralized, so they can quickly and easily compare one node copy ledger to another’s node and ensure no one has tampered with it.

The Achilles’ heel is if your private key is stolen. Once a private key has been stolen, data can still be recorded on the blockchain, but you have no way to prove it was not intended. Whoever holds the key can make changes. It is almost impossible to detect theft of private keys because the blockchain stores no evidence about how the key is protected or used.

"The foundation of the Rivetz service relies on known devices in known conditions to protect digital assets"

“Like most new technologies, distributed ledger systems also pose certain risks and uncertainties which market participants and financial regulators need to monitor,” said the Financial Stability Oversight Council.

However, some tech companies are working on solutions to protect and control the private keys.

Securing the Blockchain

One of the more promising security solutions is from Rivetz, which provides decentralized cybersecurity solutions.

Rivetz ensures your devices are in a “known” condition by performing a check that records each device’s integrity, storing it on the blockchain


Billions of smartphones and computers already have embedded within them the Trusted Execution Environment (TEE), which is an isolated and measured computer environment separate from the operating system. The problem is, most applications don’t use the TEE because they don’t have the tools to use or access it, and also lack the understanding of its value. Rivetz is bridging the gap between the TEE and the operating environment of the device, providing a simpler, more seamless means for developers to take advantage of the built-in security.

Once a developer integrates Rivetz into their app, a simpler and safer model for access and authorization becomes possible – instead of relying on users and their passwords to connect to a service.

Rivetz ensures your devices are in a “known” condition by performing a check that records each device’s integrity, storing it on the blockchain, so future device integrity checks can be compared with past checks, verifying that your devices’ hardware has not been altered.

Ultimately, this means that your private key protections are still in place, assuring the safety of your private key and your identity.

“The lack of provable security is one of the fundamental issues faced by blockchain solutions,” said Steven Sprague, CEO and cofounder of Rivetz. “Our approach to cybersecurity is fundamentally different than the present system of being able to login with your password from any device in the world. Security should not be in the context of risk, but in the value it affords the participants. A well-secured transaction is qualitatively more valuable than a transaction conducted with no controls.”

The Rivetz approach is device-centric, framing its security system so that your digital information and services can only be accessed from your trusted devices. This makes it incredibly difficult for nefarious parties to gain access to your information.

A Groundbreaking Moment in Decentralized Cybersecurity

“One of the greatest challenges in cybersecurity is making the solution effective and – most importantly – nearly invisible to the end user who has very little tolerance for disruption,” said Sprague.

Rivetz’s cybersecurity utility token, or RvT, was designed to do just that: create seamless and verifiable security controls for blockchain transactions.
The RvT is an ERC20 token managed on the Ethereum blockchain and provides a new economic mechanism for delivering automated device-to-device payment for the consumption of cybersecurity services and delivery of software and service licenses. These tokens manage and compensate internal and external cybersecurity controls enforced by the Trusted Execution capabilities of that device. This provides a payment source bound by the owner’s policies, assuring that only approved service providers are paid the correct amounts at the correct times.

“The key to increasing the utilization of trusted computing technology is a business model that that supports an ecosystem for security as a service,” said Sprague. You set the policy for how the token will execute your digital transactions – for example, you could specify that the token may buy candy, but not vodka. The RvT token seamlessly adds a crucial layer of protection to your digital transactions and authentication across devices.

The Future of Rivetz

With scores of new tokens flooding the blockchain market, consumers are daunted by the task of managing tokens and automatic spending. Rivetz, however, is working to ease this process in the future.

“The first step for us is to forge developer tools, incorporate the capabilities into user applications and roll out these capabilities with numerous partners spanning over a wide range of verticals,” said Sprague. “Our long-term focus is to help enterprises manage their collection of devices with end-user identities.”



With this device-centric model of security and digital identity management, Rivetz simplifies the end user experience and creates a powerful security solution for IT managers. With its technology brokering the relationships between an end user’s collection of devices and the services they use, Rivetz can create a seamless experience to deliver safe, secure and private experiences for digital services.

“The foundation of the Rivetz service relies on known devices in known conditions to protect digital assets,” Sprague concluded.

Rivetz uses the combination of trusted computing and blockchain to deliver such security.