CP-68:Blockchain & Digital
signatures = Legally Enforceable Costpoint
Transactions
Dmitri Tyles, Deltek
The specifications, functionality and schedules described in this
Roadmap reflect Deltek’s current estimates, may change without
notice and do not constitute obligations of Deltek.
The information shared today regarding future product features
is considered confidential. Furthermore, it does not represent
a commitment on the part of Deltek to deliver the new
functionality that is discussed, nor does it obligate Deltek to
deliver any new functionality within any specific timeframe.
Disclaimer
Agenda1. External vs Internal automation
2. How blockchain helps
3. Costpoint Use Cases
3
4
Internal vs External automationAll ERP vendors are focused on automating business processes WITHIN an enterprise
… but there was always a need to automate processes across enterprises
… and with an increasingly integrated economy this need and value of external automation is constantly growing
However, the ERP industry is yet to provide out-of-the-box solutions for “external automation” space …
The key technology challenge precluding the industry to automate business processes between companies is inability to create
LEGALLY ENFORCEABLE TRUST
Internal vs External automation
5
Blockchain is a technology which allows
to create trust between two parties who
want to work together but do not trust
each other
How blockchain helps?
6
Blockchain is a distributed ledger (database) of digitally signed
transactions
• Distributed
- each participant has its own copy (as participants do
not trust each other)
- Same as today each party has its own copy of a paper
contract
• Digital signatures are accepted in courts
- ESIGN, UETA regulations in US
- eIDAS in Europe
- Other countries have their own similar laws
Blockchain – key concepts
7
Costpoint Use-Cases
8
• Prime will get blockchain ledger as part of Costpoint deployment – on-
prem or Cloud
• Suppliers who also have Costpoint can form blockchain with Prime out of
the box.
• Suppliers who don’t use Costpoint can have their blockchain node/ledger
hosted in Deltek Cloud
9
Basic deployment options
Prime
Blockchain ledgerNode 1
Supplier A
Blockchain ledgerNode 2
Supplier B
Deltek Cloud
Blockchain ledgerNode 3
• Two key use-cases:
– Make PO transactions between Prime and
Vendor/Supplier in Sub-Contractor Mgmt and Supplier
portal legally binding
– Make invoice approvals by Prime and Supplier legally
binding
10
Step 1: Legal enforcement of existing transactions
- Prime’s instance of Costpoint may enforce legally binding agreements- “Smart contracts” in blockchain terminology
- E.g. a transaction may dictate that Prime can’t bill for any product which contains a part from a supplier which wasn’t paid for after 90 days. Prime’s own instance of Costpoint can enforce the contract on Supplier’s behalf instantly and more effectively.
- Auditors can see a single mutually signed view of Prime/Supplier transactions – single version of the truth
11
Use established Trust to provide new capabilities
- If a Supplier is also using Costpoint:
- Supplier’s instance of Costpoint can also automate
compliance with the terms of legal agreements
- We could provide out of the box solution to start tracking
shipment of goods and payments through the same
blockchain ledger for both Prime and Suppliers
12
Use established Trust to provide new capabilities
Digital signatures using FIDO devicesLightweight alternative to blockchain
13
What is FIDO?
14
• Fast Identity Online (FIDO) - new security standard quickly gaining industry
adoption
– FIDO alliance has 200+ members with diverse group of large industry
leader on its board
• Microsoft, Google, RSA, Intel, Lenovo, MasterCard, VISA, American
Express, etc
– More than 200 products from global technology leaders are now FIDO
Certified
– New standard brings major improvements in security, usability, privacy –
at the same time
• stealing database with user credentials from the server is no longer
possible as user credentials are no longer stored on the server
• Biometric authentication becomes the “norm” which significantly
improves both security and usability.
What is Web Authentication standard?
15
– W3C released new Web Authentication (WebAuthn) standard in April 2018
• Defines an easy way to include device/biometric authentication in any Web browser
based application
• WebAuthn does not require traditional password
• Chrome, Firefox and Edge already support new standard, Safari is in-progress
– The number of supported authentication devices, methods and scenarios rapidly grows
• Edge, Chrome support fingerprint, Bluetooth and face recognition on Windows 10
laptops
• Chrome supports fingerprint and Bluetooth authentication on Android phones
• Separate fingerprint USB devices are already available
FIDO devices as a way to sign business transactions
16
– FIDO devices can be used to digitally sign authentication
requests as well as business transactions
– Digitally signed transactions can’t be altered without
detection
… but can be deleted if they are only stored by one
company
– Need to evaluate the risk/likelihood that e.g. Prime
responsible for storing transactions would intentionally
delete them
Conclusion
17
• Lack of legally enforceable trust is the barrier to
automating inter-company business flows
• Digital signature and blockchain are key technologies
which help establish legally enforceable trust through
software
• There are multiple use-cases in Costpoint where
customers could benefit from increased level of trust and
cross-company automation