Two incumbent tech giants have positioned themselves in the middle of a frenzy of blockchain projects and partnerships designed to help financial services firms become quicker and more efficient at a plethora of things from trade finance to securities settlement to loans and debt tracking to cross-border payments.

IBM and Microsoft are taking decidedly different paths and banks will want to closely examine the technology stacks and the security and privacy decisions the two are making as they sort their own future with blockchain technology.

On Tuesday morning Microsoft announced it’s part of a new consortium called the Enterprise Ethereum Alliance. It includes 30 technology and financial services partners including JPMorgan Chase and Intel that plan to build a blockchain based on Ethereum.

Also on Tuesday morning, the IBM-led Linux Foundation Hyperledger Project announced 11 new members, bringing its total to 122. New members include Bank of England, Bitmark, China Merchants Bank, Federal Reserve Bank of Boston, Initiative for CryptoCurrencies and Contracts (IC3), American Express and Daimler.

The good news is that banks won’t necessarily have to choose between the two — at least not for now. Plenty of companies, including Intel, JPMorgan Chase, ING, Thomson Reuters, BNY Mellon, Monax and Consensys, support both the Hyperledger Project and Ethereum-derived projects. Of course, other blockchain alliances exist, as do individual partnerships between banks and blockchain projects.

New kid on the block

IBM looks to permissioned blockchain

In the small English Channel island of Guernsey, one of the banking industry’s most mature blockchains is being used to handle private equity deals.

It’s not a pilot. It’s in production in the real world, and it has won the approval of local regulators. It is based on the Linux Foundation’s Hyperledger Project technology and IBM security and cloud technology. Northern Trust hosts it for Swiss asset management firm Unigestion to manage a private equity fund that’s domiciled in Guernsey. Smart contracts and transactions are posted to the distributed ledger to be shared among all parties instantaneously.

And a look at this deployment reveals IBM’s vision of blockchain technology — a private distributed ledger used by known and trusted partners on an invitation-only basis.

About a year and a half ago, IBM considered using the bitcoin and Ethereum blockchains, as the new Enterprise Ethereum Alliance is doing.

“We so wanted those to work because we wanted to spend most of our time focusing on using the blockchain platform, rather than building one,” said Jerry Cuomo, fellow and vice president of blockchain technologies at IBM. “But we found that, given the types of business processes and ecosystems we saw users wanting to apply, the anonymity property of bitcoin’s blockchain and Ethereum’s blockchain wasn’t going to cut it.”

So IBM built its own blockchain with data privacy, confidentiality, and auditability built in. It donated this code and some related patents to the Linux Foundation Hyperledger Project and continues to contribute to it, along with others including the London Stock Exchange, the DTCC and Digital Asset Holdings. The technology is what’s called a “fabric”: a standards-based foundational layer upon which other blockchain applications can be built. IBM also contributed cryptography and smart contract code. (Smart contracts are computer programs that can automatically execute the terms of a contract.)

The IBM blockchain is permissioned, meaning you have to be invited by an existing member to use it. The “governors” of a blockchain issue cryptographic membership cards for participants. Each participant can see only the transactions on the ledger that pertain to them. Regulators and auditors, however, could be given membership cards that decipher more of the ledger.

In the Northern Trust blockchain, IBM also provided what it calls the first installation of a mainframe in a cloud. It’s using a LinuxOne mainframe in one of its data centers “that speaks Linux as its dialect, which makes it ultra-compatible with our blockchain technology,” Cuomo said. Participants in the private equity fund get access to a web-based portal where they can upload documents, sign documents or query the status of accounts being opened or new funds being created.

There’s a built-in workflow for managing private equity deals. “Private equity funds typically run 10 years, and a lot of things happen in those 10 years of life,” said Kevin Pleiter, partner and global leader for IBM Financial Markets and project lead for Northern Trust. “There are drawdowns on capital, there are investments made, there’s a whole host of things and they all need to go through their own life cycle, so all those life cycles and administration of those life cycles are now managed on this blockchain in a transparent and secure fashion.”

This replaces the many emails and phone calls that typically pass back and forth among investors, fund administrators and fund companies.

IBM also provided the cryptography and a hardware security module that protects the cryptokeys each blockchain administrator uses to sign transactions to make them tamper resistant.

“It’s a double level of security,” Cuomo said. “Private equity has private in the name, they get pretty grumpy if there’s any chance of exposure.”

Banking industry vets who see value in blockchain technology have long sought a private version of it — a distributed ledger to be used by only an exclusive set of trusted parties to keep track of transactions and contracts between them, not a public record open to the prying eyes of the world. This of course runs counter to the original premise of blockchain — that it would be a shared, trusted, public ledger for bitcoin that everyone can see and no one controls. But bankers often have an aversion to this, given their need to keep client data private and desire to not let competitors see internal data such as transaction volumes.

In another critical distinction between this project and myriad other blockchain initiatives out there, this one passed the security and compliance requirements of the Guernsey Financial Services Commission. You might wonder how strict this regulator would be, given that the island’s economy is partially dependent on private equity business. But because Guernsey is the third-largest private equity market, it has to enforce strict compliance with financial laws.

According to Justin Chapman, global head of market advocacy and innovation research at Northern Trust, it’s tough — the equivalent of European and U.K. regulators.

“Guernsey is one of the most highly regulated private equity markets around the globe,” he said. The regulator was involved throughout the developing and testing process “to make sure they’re comfortable with what we’re doing, making sure the digitization of private equity still got the jurisdictional support and tax fees you’re required to have offshore,” Chapman said.

If the regulator didn’t enforce proper rules, “who knows what would happen to the money,” Pleiter said. “They wouldn’t have the ability to attract the large scale of private equity they have on the island.”

Security was the top concern of the regulator as well as other participants, including Northern Trust.

The bank has been working on distributed ledger technology for two years and has completed 20 proofs of concept in its labs.

“Deploying this technology into a live, production environment and a regulatory framework is very different from doing something in a lab,” Chapman noted.

The bank chose to go live with private equity first because private equity deals tend to be manual and paper based and the number of participants is limited, so collaboration is easier to manage.

“We’ve tried to automate the manual processes between the parties, to speed up the processing time for private equity transactions,” Chapman said. Legal agreements, contracts and other paperwork are kept in one place, where all involved have an immutable view of the same transactions.

“We think just taking the inefficiencies out between the players creates a better product and a better service,” Chapman said. Having a single version of the truth can make negotiations simpler.

The technology could be the foundation for other deliverables and products Northern Trust offers, Chapman said.

Microsoft opts for Ethereum and openness

Where IBM is focused on security, privacy, control and compliance, Microsoft is more focused on openness — letting organizations choose the combinations of technology that work best for them.

Microsoft Blockchain as a Service includes Azure as the platform or fabric for blockchain, developer tools in Visual Studio, and a set of partner technologies that extend the capabilities of Microsoft’s technology.

Azure will be open to a variety of blockchain protocols, supporting protocols like Hyperledger and Ethereum.

“We believe our open platform approach, which will support many blockchain protocols including Hyperledger, Ethereum and others, will empower businesses to choose the technologies that work for them, and not force-fit one technology to the entire market,” said Microsoft spokesperson Tyler Petersen.

To be sure, Microsoft isn't against permissioned blockchains. The company says they will be essential to commercial adoption of blockchain technology.

The group Microsoft joined Tuesday, the Enterprise Ethereum Alliance, is developing blockchain technology based on Ethereum. The alliance will investigate hybrid architectures that include permissioned and public Ethereum networks.

The group, which includes Accenture, BBVA, BNY Mellon, BNP Paribas, BP, Cisco, Credit Suisse, ING, IC3, Thomson Reuters and UBS as well as JPMorgan Chase, Banco Santander and Intel, demonstrated a transaction between BNY Mellon and Banco Santander on JPMorgan’s Quorum blockchain technology at a summit on Tuesday.

According to Marley Gray, "principle" blockchain architect at Microsoft, along with openness the company works to provide security, privacy, transparency and regulatory compliance, as well as scale and performance.

“Microsoft has invested more than $15 billion in building a resilient cloud infrastructure and cloud services that are highly available and secure while lowering overall costs,” Gray said. “Microsoft has announced 38 Azure regions around the world with 34 generally available today.”

Microsoft expects to announce a live, production implementation of its blockchain-as-a-service soon. One project in the works is with WebJet, a hotel booking site. A blockchain could make the booking process much more efficient for the Australian company.

Editor at Large Penny Crosman welcomes feedback at penny.crosman@sourcemedia.com.

Updated February 28, 2017 at 10:45PM: Updated to incorporate more detail about Microsoft's view of permissioned blockchain technology.