Over the last decades, we have seen an enormous push towards streamlining inter-business processes
However, while most communications have moved from paper to digital, many of the ‘messaging systems’ companies use to collaborate with their partners and clients rely on third parties who introduce overhead complexities and costs, while providing little to no data integrity. traceability or proof of authenticity.
We see this pattern in many industry sectors, including insurance. Insurance companies collect data, and in some cases are required to share it with other insurers, and make it available to auditors and regulators. However, even today, much of this data is captured and moves by email in Excel files, or worse by fax or snail mail. These systems fail to provide any meaningful data security, traceability or accountability. And in a highly regulated and competitive environment, the challenge for insurers has been to ensure compliance while keeping back-office costs low.
At Stratumn, we believe that in today’s hyperconnected economy, companies need tools to better collaborate with their partners, their customers and regulators.
Stratumn’s Proof of Process is designed specifically with these requirements in mind. Our platform solves the trilemma of simplifying regulatory compliance procedures, protecting access to private data and reducing operational costs of friction. Proof of Process leverages peer-to-peer technology, blockchain technology, and cryptography to allow organizations to collaborate and share data while being able to prove: who, did what, at what time, in what order, and for what reason.
Insurance provider mobility in France (Hamon Law)
Signed into law in 2016, Loi Hamon rebalances the power between insurance professionals and consumers. This new regulation makes it effortless for home and auto insurance policyholders to switch insurance providers at any time after one year of coverage. The law defines the process through which the customer’s new and old insurance companies formalize transferring the policy, and the legally required timeframe for this process to take place.
Currently, insurance companies rely on solutions such as the French Post’s Electronic Registered Mail service to exchanges messages, which provides a certified timestamp recognized by law. Certification of these messages is essential as it gives insurers the necessary legal protection required in the event of a dispute or audit. However, these solutions have several drawbacks.
There is no workflow management, or ability to automate parts of the process and streamline data validation.
The lack of real-time traceability means insurers have limited ability to make informed business decisions and have little insight into the state of the process (for example, tell customers of the status of their request).
It’s quite expensive. At several euros per message sent, plus indirect costs of data entry and error handling, there’s a massive incentive to adopt a leaner and more integrated solution.
French insurers can greatly benefit from an integrated and shared solution that provides a trusted and certified audit trail, streamlines data validation, protect private data while reducing direct and indirect costs.
Enter customer mobility and Proof of Process
We worked with the French Federation of Insurers (FFA), 14 leading insurance companies in France and Deloitte to build an experimental solution that allows its members to efficiently and securely manage the customer mobility workflow. All administrative procedures such as canceling the old policy, transferring any specific customer data, and ensuring the new contract is activated without a lapse in coverage, are assured by the companies, who engage in a series of message exchanges.
Our solution leverages the Proof of Process Protocol to provide end-to-end traceability, enabling all stakeholders to securely access a single shared version of the truth in real-time. Requests are made and recorded in a distributed ledger and data is entered along a pre-defined workflow. These proofs are sent to the blockchain network, maintained by insurers and potentially oversight authorities or the regulator.
In addition to significantly improving the mobility process, we are working towards ensuring consumer data is handled in compliance with the European Union’s General Data Protection Regulation (GDPR), which comes into effect in 2018.
Under the hood: Proof of Process and Indigo Framework
Our implementation of the Proof of Process Protocol, the Indigo Framework is a suite of middleware tools that allow a front-end application to interact with the blockchain. Indigo is built on top of Tendermint, a robust and scalable blockchain protocol that is very well suited for consortium networks.
A bit about Tendermint: “Tendermint is software for securely and consistently replicating an application on many machines.”
Simply put, it is a blockchain stack that allows developers to build custom applications, and where the state of those applications is replicated across a network using Byzantine Fault Tolerant consensus. Tendermint is unique from other blockchain software packages in that it lets developers write their application (or smart contract) in any programming language, rather than being tied down to the language imposed by the blockchain protocol (such is the case with Solidity in the Ethereum Virtual Machine). The application communicates with Tendermint Core, which encompasses the consensus mechanism and ledger storage, through a protocol called Application BlockChain Interface (ABCI).
In addition to being very flexible, Tendermint also has the advantage of being highly scalable. With the ability to achieve several thousands of transactions per second in a consortium configuration, it was the ideal blockchain architecture for our needs when implementing Proof of Process.
FFA application architecture
The client application represents the interface through which users interact with their process. This can be a web application or standalone enterprise software (e.g.: SAP, AS400 or custom software). In the case of this project, we worked with Deloitte to build a custom web app which insurers can use when onboarding new clients.
The Indigo Framework provides the Agent UI, which can be incorporated into the application and gives internal auditors the ability inspect and verify process data written in the blockchain. The Agent UI is to your business application what the code inspector is to your browser.
Proof of Process Agent
The Proof of Process Agent (or Agent) allows the client application to interface with the blockchain. The Agent interprets the code in which we define application-specific API endpoints. For a process where every participant effectively has the same role and shares a standard user interface (such as with the FFA project), the Agent code is the same. For more complex processes where actors have very different ways of interacting with the blockchain (such as in a supply chain), the Agent code will be unique for every actor in the network.
Tendermint Proof of Process (TM PoP)
TM PoP is a set of instructions specific to the Indigo Framework. It receives data from the Agent and prepares it before being sent to the blockchain. Here, the data is validated by consensus and added to the immutable ledger. TM PoP also has its own storage layer that retrieves raw transaction data from Tendermint Core and stores it in a format which is more easily readable by the Agent. TM PoP implements the ABCI protocol to communicate with Tendermint Core.
At the core of Indigo is Tendermint Core, a robust blockchain protocol that implements BFT consensus. This layer handles consensus and peer-to-peer communication between network nodes while storing the raw process data in the immutable shared ledger. It provides a shared and secure data repository to all stakeholders while reducing dependency on trusted third parties.
Beyond Customer Mobility Towards Industry-Wide Platforms
We’ve demonstrated a completely digitized process where a blockchain network validates the workflow’s business logic. What this enables is quite powerful: we can build shared workflows with multiple independent participants and still makes confident business decisions thanks to a single source of truth. The data and the proofs are available in real time, which enables participants to gain actionable business insights into their core processes, and gives the regulator the ability to perform real-time audits.
Customer mobility in the context of insurance is just the beginning. This first industry-wide blockchain initiative provides the French insurance industry with the infrastructure necessary to experiment with new applications. The insurance industry can leverage this flexible backbone infrastructure to build new types of secure collaborative applications, potentially enabling new business models to emerge. We are working closely with our clients, partners and investors to deploy several of insurance industry applications in the coming months. We look forward to continued collaboration with our partners and the FFA to widen the scope of this project and bring more transparency and accountability to the insurance industry.
Sebastien Couture is a technologist and host of the Epicenter Podcast.