Supply Chain Management

Practical applications of blockchain in Supply Chain Management


The possibilities that the blockchain offers retail and supply chain management providers are pretty vast. Companies implementing blockchain technology for the benefit of retailers cover nearly every stage of the supply chain.

For instance, the WAVE company provides significant support at the logistics stage, enabling direct document exchange among supply chain members within a decentralized network. Due to transparency and evidence at each point in the chain, WAVE eliminates disputes and risks. Another company, Provevance, ensures transparent real-time product tracking and provides details (such as ingredients, whether the product is local or imported, etc.) that might be significant to consumers.

Another case in which the blockchain can impact retail is by tracking buying habits. The Loyyal company is responding to this need and letting retailers better target their consumers by offering a platform for collecting sales information. One final example of a blockchain startup connecting consumers and retailers is OpenBazaar. OpenBazaar is a peer-to-peer network with no fees or restrictions on retailers, payment in cryptocurrencies, and a distributed global database.

The list of blockchain applications in supply chain management and retail is pretty extended: there are solutions for payments, warranties, and proof of ownership. It’s a good time to pay attention to this technology.

Benefits of blockchain technology for supply chain management and retail industries:

Transparency in logistics, ability to store and track all data
Proof of ownership and resale
Better tracking of buying habits
Increased trust due to decentralization

Use-cases for blockchain in Supply Chian Management

Securing edge devices with authentication
As IT focus shifts to supposedly “smart” edge devices with data and connectivity, so, too, goes security. After all, the network’s extension may be good for IT efficiency, productivity and power usage (i.e., good for cloud and data center resources), but it represents a security challenge for CISOs, CIOs and the wider business. Many are subsequently seeking ways of using blockchain to secure IoT and industrial IoT (IioT) devices, given that the technology strengthens authentication, improves data attribution and flow, and aids record management.

For example, startup Xage Security launched late in 2017 claiming that its “tamper-proof” blockchain technology platform distributes private data and authentication at scale across a network of devices. Furthermore, the firm says it supports any communication, can work at the edge with irregular connectivity, and secure a myriad of different industrial systems.

The firm says it is already working with ABB Wireless on power and automation projects requiring distributed security, as well as with Dell to deliver security services on Dell IoT Gateways and its EdgeX platform for the energy industry.

Meanwhile, as yet another real-world example, the Isle of Man government in the UK has taken a different route. It is testing blockchain technology to see if it can prevent IoT devices from compromise (signing unique identities to physical items to affirm authenticity).

These improvements are being embedded at the chipset level, too. Startup Filament recently announced a new chip designed to enable industrial IoT devices to work with multiple blockchain technologies. The idea behind its Blocklet chip is to let IoT sensor data be coded directly into the blockchain with the goal to “provide a secure foundation for decentralized interaction and exchange.”

Improved confidentiality and data integrity
Although Blockchain was originally created without specific access controls (owing to its public distribution), some blockchain implementations now address the data confidentiality and access control challenges. This is clearly a critical challenge in an age where data can easily be manipulated or spoofed, but the full encryption of blockchain data ensures that this data will not be accessible to unauthorized parties while in transit (so little to no chance for successful man-in-the-middle [MiTM] attacks).

This data integrity extends to IoT and IIoT devices. For example, IBM provides its Watson IoT platform with an option to manage IoT data in a private blockchain ledger, which is integrated into Big Blue’s cloud services. Ericsson’s Blockchain Data Integrity service provides fully auditable, compliant and trustworthy data to app developers working within GE’s Predix PaaS platform. 

Secure private messaging

Startups like Obsidian are using blockchain to secure private information exchanged in chats, messaging apps and through social media. Unlike the end-to-end encryption employed by the likes of WhatsApp and iMessage, Obsidian’s messenger uses blockchain to secure users’ metadata. The user will not have to use email or any other authentication method to use the messenger. The metadata is randomly distributed throughout a ledger and thus will not be available for gathering in one single point, from which it could be compromised.

Elsewhere, engineers at the Defense Advanced Research Projects Agency (DARPA) are reportedly experimenting with blockchain to create a messaging service that is secure and impenetrable to foreign attacks. With Blockchain rooted in secure, authenticated communications, expect this area to mature in the near future.

Boosting or even replacing PKI
Public Key Infrastructure (PKI) is the public key cryptography that secures emails, messaging applications, websites and other forms of communication. However, most implementations rely on a centralized third-part certificate authority (CA) to issue, revoke, and store key pairs, which criminals can target to compromise encrypted communications and spoof identities. Publishing keys on a blockchain instead would in theory eliminate the risk of false key propagation and enable applications to verify the identity of the people you are communicating with.

CertCoin is one of the first implementations of blockchain-based PKI. The project removes central authorities altogether and uses the blockchain as a distributed ledger of domains and their public keys. In addition, CertCoin provides a public and auditable PKI that also doesn’t have a single point of failure.

Start-up REMME gives each device its own specific SSL certificate based on the blockchain, which prevents intruders from faking certificates, while tech research company Pomcor has published a blueprint for a blockchain-based PKI that uses blockchains to store hashes of issued and revoked certificates (though, in this example, CAs are still required).

Perhaps PKI can be replaced outright, if Estonian data security startup Guardtime is anything to go by. The firm has been using blockchains to create a Keyless Signature Infrastructure (KSI), a replacement for PKI. Guardtime has grown into “the world’s largest blockchain company by revenue, headcount and actual customer deployments,” and it has secured all of Estonia’s one million health records with the technology in 2016.

“At present we rely on PKI on creating our trust infrastructure, but this is often flawed, especially as cybercriminals are now creating their own digital certificates,” says Buchanan. “With blockchain methods we can then sign transactions using citizen-generated identities.”

A safer DNS
The Mirai botnet showed just how easy it is for criminals to compromise critical internet infrastructure. By bringing down the domain name system (DNS) service provider for most major websites, the attackers were able to cut off access to Twitter, Netflix, PayPal, and other services. A blockchain approach to storing DNS entries could, in theory, improve security by removing the single, attackable target.

Nebulis is a new project exploring the concept of a distributed DNS that supposedly never fails under a deluge of access requests. Nebulis uses the Ethereum blockchain and the Interplanetary Filesystem (IPFS), a distributed alternative to HTTP, to register and resolve domain names. “At the core of the internet, we see critical services such as DNS providing opportunities for a large-scale outage and also for hacks against organizations,” says Buchanan. “Thus, a more trusted DNS infrastructure, using blockchain methods, would considerably aid the core trust infrastructure of the internet.”

Reduced DDoS attacks
Blockchain startup Gladius claims that its decentralized ledger system helps to protect from distributed denial of service (DDoS) attacks, a significant claim when attacks are rising over and above 100Gbps. The firm says its decentralized solutions can protect against such attacks by “allowing you to connect to protection pools near you to provide better protection and accelerate your content.”

Interestingly, Gladius claims that the decentralized network allows users to rent out their spare bandwidth for extra money, with this excess bandwidth then “distributed to nodes which in turn funnel the bandwidth to websites under DDoS attacks to make sure they stay up.” In less busy times (with no DDoS attacks), Gladius says its network “speeds up access to the internet by acting as a content delivery network.” 

Taking the Human Component Away from Security

Centralized architecture for managing and securing passwords remain one of the most significant weaknesses of traditional authentication systems. The reality remains that most human beings are not great at handling high-security passwords and keeping them safe. Therefore, regardless of how much resources the corporations spend on their security systems, humans remain the weakest link in the cybersecurity framework of corporations. Blockchains can help in this regard by automating the authentication process of system logins. With blockchains, a security system could make use of a distributed public key infrastructure based on the blockchain to authenticate devices. This would ensure that only authorized personnel could get access to the databases that store sensitive information.

Making Cyber Storage Safer

Blockchains have provided us with a unique way to safely store data on a network. With blockchains, if an attacker tries to tamper a block, the protocol recognizes that the block doesn’t conform with the rest of the blockchain and simply rejects it. Further, since in a public blockchain all of the transactions are visible to everyone, it is very easy to track the source of any malicious activity by matching public keys. In this way, security is ensured without relying on a central authority.

Blockchain is a decentralized, distributed electronic ledger built on the model of offering absolute security and trust. Using cryptography, transactions are recorded chronologically and publicly, each one time-stamped and linked to the previous one. Critically, these digital ‘blocks’ can only be updated through the consensus of all participants, with data interception, modification and deletion near impossible.

Solution Providers using Blockchain for Supply Chain Management


Project Provenance

Powered by mobile, blockchain and open data, our game-changing software enables retailers and producers to open product data, track the journey of goods, and empower customers with access to knowledge.



WAVE connects all members of the supply chain to a decentralized network and allows them a direct exchange of documents. WAVE’s application manages ownership of documents on the blockchain eliminating disputes, forgeries and unnecessary risks.