 from theCUBE studios in Palo Alto and Boston. It's theCUBE, covering IBM Think. Brought to you by IBM. Hi, everybody, we're back. This is Dave Vellante of theCUBE and this is our wall-to-wall coverage of IBM's digital think experience for 2020. We're really excited to have Jerry Cuomo on. He's the vice president of blockchain technologies and an IBM fellow and longtime CUBE alum. Jerry, good to see you again. Thanks for coming on. I wish we were face-to-face, but this'll do. Good to see you too. Yes, thanks for having me. So we've been talking a lot. I've been talking, I've been running a CEO series. Of course, a lot of the interviews around IBM Think are focused on COVID-19. But I wonder if you could start off by just talking a little bit about blockchain. Why blockchain? Why now? Especially in the context of this pandemic. Dave, it's as if we've been working out in the gym, but not knowing why we needed to be fit. And I know now why we need to be fit. Blockchain is coming just in time with the trust factor and the preserving privacy factor. The way we move forward and the world is now becoming more digital than ever. People working from home, the reliance on online services is critical. And our ability to work as a community of companies to share data is critical. And blockchain brings a magical ingredient and that's the ingredient of trust. In sharing data, if that data and the sources that are providing that data are confirmed, verified and trusted, we're more likely to use that data. And any friction that's caused from fear or trepidation that the data is going to be misused goes back to go away. And when that happens, you speed up an exchange and we need speed, time is of the essence. So blockchain brings a platform for trusted data exchange while preserving privacy. And that provides a foundation to do some amazing things in this time of crisis. Right, and it's not only trust, it's also expediency and cutting out a lot of the red tape. And I want to talk about some of the applications you're heavily involved in the Distributed Ledger project, one of the early leads on that. Talk about some of the ways in which you're applying that Distributed Ledger and let's go into some of the examples. So we're really fortunate to be an early adopter of blockchain and provider of blockchain technology and kind of the fruit of that, as I said, couldn't happen any sooner where we have, I would say over a thousand users using IBM blockchain which is powered by the open source hyperledger fabric. But I'd say over a hundred of those users have reached the level of production networks. And it's been great to see some of the proprietors of those networks now repurpose the networks towards hastening the relief of COVID. And one, a couple of examples that stand out Dave, you've seen what's happening to our supply chain. And I think we got some rebound happening as we speak, but companies all of a sudden woke up one morning and their supply chains were exhausted. So suppliers were out of key goods and the buyers needed very rapidly to expand the suppliers in their supply chain. And there are laws and regulations about what it takes to onboard a new supplier. You want to make sure you're not onboarding bad actors. So in IBM, for example, we have over 20,000 suppliers to our business and it takes 30 to 40 days to validate and verify one of those suppliers. We don't have 30 to 45 days. Like, think about you're a healthcare company or a food company. So working with a partner called ChainYard, we've co-created a network called Trust Your Supplier. And we've been able to repurpose Trust Your Supplier now for companies that are looking around COVID-19 to rapidly expand their supply chain. So if you imagine it taking us 45 days or 40 days to onboard a new supplier, pick a company in our supply chain, Lenovo. That supplier may very well want to go to Lenovo too and provide services to them. Well, guess what? It's going to take 40 days to onboard to Lenovo. But if they're part of the Trust Your Supplier network and they've already onboarded to IBM, they're well on their way to being visible to all of these other buyers that are part of the IBM network, like Lenovo and many others. And instead of taking 40 days, maybe it only takes five days, right? So radically, radically improving the time it takes. And with companies like Ford making ventilators and masks, you're going to be able to onboard Ford into healthcare companies. But we want to be able to do it with speed. So Trust Your Supplier is a great use of blockchain to expand a buyer and supplier's exposure and expand their network to quickly onboard. And with the trust that you get in exchanging data from blockchain with the provenance that, hey, this company information was truly vetted by one of the trusted members of the network. There's no fear or trepidation that somehow these records were tampered with or misused. So that's one example, Dave, of using blockchain. That's a huge example that you gave because you're right. There are thousands and thousands of companies that are pivoting to making, like you said, ventilators and masks. And they're moving so fast and there's got to be a trust involved. I mean, on the one hand, they're moving fast to try to save their businesses or in the case of Ford, helps save the country or the world. On the other hand, there's risks there. So that helps. I want to understand Mipasa because basically, if I understand it, you can privately share information on folks that are asymptomatic but might be carriers of COVID-19. Am I getting that right on? So Mipasa starts as a project from a company called Hasera and their CEO, Jonathan Levy. And among other things, Jonathan Levy is an amazing software developer and he's helped us and the community at large build the Hyperledger Fabric blockchain technology. That's part of IBM, that powers IBM blockchain. So Jonathan had this idea because what was happening is there were many data sources from the very popular and well-known Johns Hopkins source and we have information coming from the weather company. There are other governments putting out data. Jonathan had this idea of a verified data hub. So how do we bring that information together in a hub where a developer can now get access to not just one feed, but many feeds knowing that both the data is in a normalized format. So that's easy to consume. And if you're consuming 10 different data sources, you don't have to think about 10 different ways to interact it, kind of normalizing it through a fewer like maybe one, but also that we really authentically know that this is the World Health Organization. This is indeed John Hopkins. So we have that trust. So with Mipasa being a data hub for verified information related to the coronavirus, really laying a foundation now for a new class of application that can mash up information to create new insights, perhaps applying artificial intelligence, machine learning to really look not just at any one of those data sources, but now look across data sources and start to make some informed decision, to say operate with the lights on and with certainty that the information is correct. So Mipasa is that foundation and we have a call for code happening that IBM is hosting for developers to come out and bring their best ideas forward and we're exposing Mipasa as a service to the, in this hackathon so that developers can bring some of their best ideas and kind of help those best ideas come alive with Mipasa as a resource. That's great. So we got the supply chain, we just get to share Mipasa. The other one that I think we can all relate to is the secure key authentication, which I love. Maybe you can explain that and talk about the role that blockchain, where blockchain fits. Right, so there is people working from home and this digital identity verification is key. Think about it, you're working remotely, you're using tools like Zoom. There's a huge spike in calls and online requests from telehealth or government benefit programs. So this is all happening and everything behind the scenes is around that is is this user who they say they are? Is this doctor who they say they are, et cetera? And there are gams and frauds out there. So working with speed means working with certainty and what the verified mean network set out to do a couple of years ago. And the beautiful part is, it's ready to go now for this particular usage. It's been using, basically think about it as my identity is my identity and I get to lease out information to different institutions to use it for my benefit, not necessarily just for their benefit. So it's almost like digital rights management, like if you put out a digital piece of art or music, you can control the rights who gets to use it, what's the terms and conditions on your terms. So verified me allows through a mobile app, users to invite institutions to represent and verify them to them. And so I'll allow my department of motor vehicle and my employer to verify me because I want to go back to work sooner. And I want to make sure of my work environment, I'm making this up, I want to make sure of my work environment that people have been tested and vaccinated, but I don't want to necessarily kind of abuse people's privacy. So I'll opt in, I'll share that information, I'll get my doctor and my department of motor vehicle to say, yes, this is Jerry, he's from this address. Yes, he's been vaccinated. And now I can kind of onboard to services much quicker, whether that service is going through TSA to get on an airplane, badging back into my office or signing on to a telemedicine service or government benefits program, et cetera. So verify me is using this self attestation through a mobile application to help speed up the process of knowing that that is truly you and you truly want this service. And you are also calling the shop as to then what happens with your information that it's not spread all over the interweb, it's under your control at all times, right? So I think it's the best of all worlds. When the National Institute for Standards and Technology looked at verified me, they're like, oh my gosh, this is like the perfect storm of goodness for identity. They actually coined it, oh, it has a term, it's called triple blind data exchange. It sounds like a magical act, but triple blind data exchange means the requester doesn't know who the provider is unless the requester allows the provider to know. The provider doesn't know who the requester, requester doesn't know who the provider is that is double blind. And then the network provider doesn't know either, right? But somehow trust is formed and that's the magic of blockchain allowing that to happen. And with that, we can move forward knowing we're sharing information where it matters without the risk of it leaking out to places we don't want it to. So great application of secure key and verified me. Yeah, I love that and the whole concept of being able to control your own data. You hear so much today about testing and contact tracing using mobile technology to do that, but big privacy concerns have always felt like blockchain for so many applications in healthcare or just being able to, as you say, control your own data. I want to better understand the technology behind this. When I think about blockchain, I obviously think about cryptography, you've mentioned developers a number of times, there's software engineering, this concept of a distributed ledger. I mean, there's game theory in the cryptocurrency world. We're not talking about that, but there's the confluence of these technologies. Come on, do that. What's the technology underneath these applications that you're talking about? There is an open source organization called Hyperledger. It's part of the Linux foundation. They're the gold standard and open source, openly governed technology. And early on in 2015, 2016, we got involved, started contributing code and developers to Hyperledger Fabric, which is the industry's first permissioned blockchain technology, permission, meaning members are accountable to the network versus Bitcoin where members are anonymous. And to pass industry regulations, you can't be anonymous, you have to be accountable. And it's not to say that you can't work privately. So you're accountable, but transactions in the network only get shared with those that have a need to know. So the foundation is Hyperledger Fabric and IBM has a commercial offering called the IBM blockchain platform that embodies that kind of is a commercial distribution of Hyperledger Fabric plus a set of advanced tools to make it really easy to work with the open source. All the networks that I talked about are operating their network across the worldwide IBM public cloud. And so cloud technology plays a really big part of blockchain because blockchains are networks. Our technology, IBM blockchain platform runs really well in the IBM cloud, but it also allows you to run anywhere, right? Or like to say where it matters most. So you may have companies running blockchain nodes in the IBM cloud. You may have others running it on their own premises behind their firewall. You might have others running in Amazon or in Microsoft Azure, right? So we use, you may have heard of Red Hat, OpenShift, the container technology so that we can run parts of a blockchain network. Like I said, where they matter most and you get strength in a blockchain network based on the diversity of the operators because if it was all operated by one operator, there would be a chance maybe that there can be some collusion happening. But now if you can run it across different geographies across the IBM cloud. So all those three networks all run on, use this technology, all run on the IBM cloud. And Dave, one more thing. If you look at these applications, they're just modern applications. They're mobile front ends, they're web portals and all of that kind of stuff. The blockchain part of these applications usually is only 20% of the overall endeavor that those companies are going through. The other 80% is business as usual. I'm building a modern cloud application. So what we're doing in IBM with Red Hat, with OpenShift, with our cloud packs which brings various enterprise software across different disciplines and domains like integration, application, data, security. All of those things come together to fill the other 80% above and beyond blockchain. So these three companies like 99 plus others are building applications as modern cloud applications that leverage this blockchain technology. So you don't have to be a cryptographer or a distributed database expert. It's all embodied in this code available on the IBM cloud. 29 cents of CPU hours is approximately the price. So it's quite affordable and that's what we've delivered. Well, the thing about that, that last point about the cloud is it allows organizations, enterprises to experiment very cheaply. And so they can get an MVP out or approve a concept out very quickly, very cheaply and then iterate extremely quickly. That to me is the real benefit of the cloud here and the pricing model. And Dave, as I said when I started, it's like we were working out in a gym but we weren't quite sure why we were so keen on getting fit. And what I see now is this blossoming of users who are looking at, we thought we understood digital transformation, but there's a whole new need to be digitized right now. We're probably not going to be jumping on planes and trains working as more intimately as we were face to face. So the need for new digital applications that link people together, we're seeing so many use cases from trade finance to food safety to proxy voting for stock. All of these applications that were kind of moving along at a normal speed have been hyper accelerated because of the crisis we're in. So blockchain couldn't come any sooner. You know, I want to ask you as a technologist, I've learned over the years there's a lot of ways to skin a cat. Could you do the types of things that you're talking about without blockchain? I'm sure there are ways, but why is blockchain sort of the right path? Dave, you can certainly do things with databases, but if you want the trust, it's as simple as this. A database traditionally has a single administrator that sets the rules up for when a transaction comes in what it takes to commit that transaction. And if the rules are met, the transaction is committed. The database administrator has access to commands like delete and update. So at some level, you can never be 100% sure that that data was the data that was intended in there. With a blockchain, there's multiple administrators to the ledger. So ledger is distributed and shared across multiple administrators. When a transaction is submitted, it is first proposed to those administrators. A process of consent happens, and then and only then when the majority of the group agrees that it's a valid transaction, is it committed? And when it's committed, it's committed in a way that's cryptographically linked to other transactions in the ledger, making it tamper-proof, right? Or very difficult to tamper with. And unlike databases, blockchains are appended only so they don't have update and delete commands. So if you really want that center of trusted data that is attested, that has checks and balances across different organizations, blockchain is the key to do it. So could you do it in a database? Yes, but you have to trust that central organization. And for many applications, that's just fine. But if we want to move quickly, we really want to share systems of record. Sharing a system of record, you have regulatory obligations. You can say, sorry, the record was wrong, but it was put in there by this other company. Well, they'll say, well, nice for the other company, but sorry, you're the one in trouble. So with a blockchain, we have to bring assurances that we can't get into that kind of situation, right? So that shared distributed database that is kind of provides this tamper-resistant audit log becomes the kernel of trust. And then with the privacy preservation that you get from encryption and privacy techniques like we have, like these things called channels, you can transact and be accountable, but also only share transactions with those that have a need to know, right? So you get that level of privacy in there. And that combination of trust and privacy is the secret sauce that makes blockchain unique and quite timely for this. So check it out. I mean, on the IBM cloud, it's effortless to get up and running, building a cloud native application with blockchain. And if you're used to doing things on other clouds or back at the home base, we have the IBM blockchain software, which you can deploy via OpenShift anywhere. So we have what you need in a time of need. And as a technologist, again, you're being really, I think honest and careful about the word tamper, you call it tamper-resistant. And if I understand it that, I mean, obviously you can fish for somebody's credentials. That's one thing. But if I understand it that more than 50% of the peers in the community must agree to tamper in order for the system to be tampered. And that is the beauty of blockchain and the brilliance of blockchain. And for performance reasons, we've created optimizations, like you can set a consensus policy up because maybe one transaction, it's okay just to have a couple of people agree. I say, oh, well, out of the 100 nodes, if three agree, it's good enough. But other policies may be more stringent depending on the nature of the data and the transaction. So you can tune that in based on the class of transactions. So it's kind of good. And that's how we can get performance levels in the thousand plus, in fact, IBM and RBC recently did a series of performance analysis because RBC said, hey, could I use this for some of my bank to bank exchanges? And we need to support over 1,000 transactions per second. They were able in their use case to support over 3,000 transactions per second. So, we were very encouraged by that. I'm glad you clarified that because essentially you're saying you can risk adjust the policies, if you will. You can pile them down. That's great to know. I could go on forever on this topic, but unfortunately, Jerry, we're well over our time, but I want to thank you for coming back on theCUBE and explaining this important topic. I'm thrilled that IBM has taken a leadership position here. And I think, to your point, this pandemic is just going to accelerate a lot of things and blockchain is, in my view anyway, one of them. Thank you, Dave. Oh, great questions and I really appreciate it. So everyone out there, stay safe, stay healthy. All right, thank you, Jerry. And thank you for watching everybody. This is Dave Vellante for theCUBE, our coverage of the IBM Think Digital 2020 event. We'll be right back for this short break.