Recently an ATM that used zero confirmations got attacked. The robbery was manifested through more than 122 times in places that include Sherwood Parkacross Canada, Ottawa, Winnipeg, Hamilton, Calgary, Toronto, and Montreal. With the zero confirmation system, it saves a lot of waiting time for both merchants as well as the users. Usually, the waiting time goes over an hour depending on the blockchain used. But the same feature was exploited in this zero confirmations ATM attack. The attackers took advantage of this feature by ‘double spending’ the transaction. Double spending is basically used to invalidate the first transaction. This returns the money to the consumer, while they still get the goods or the services they purchased in the first place. In these attacks, the user got back to cash.
Through various evidence such as CCTV, the police have reported about four suspects who were involved in this attack. The attacks took place in September last year. The attack has brunt the Crypto ATM company with a shocking loss of 198 K U.S Dollars.
As per the reports from dashnews.org, the zero confirmation depends on the absence of economic incentives to carry out a ‘computationally intensive attack’ for the rewards for robbing from the merchants. When it comes to the large scale merchants such as the crypto ATM referred here, the logic does not fit.
Merchants are in a vulnerable spot with zero confirmation transactions-
Of course with such liberty in transactions, comes the great risk for the merchants. Especially those merchants who deal with higher priced items, or who do not venture into repeat businesses. Double spending trick can dearly cost these merchants. For instance- the merchants from the hospitality business are in much better position to accept the zero confirmation transaction from the users because there are high chances that the user will eventually stay in the restaurant unless there are some confirmations in which case the merchant gets the power to choose. Moreover, the hospitality business often gets repeated consumers that generate a sense of trust that there will not be any robbery from the consumer.
But the merchants who deal with bigger scale items, on the other hand, can’t have this comfort. For instance, the merchants who deal in costly items sale such as automobiles, ATMs, electronics and so on, are into selling items that are often one-time purchase. This puts the merchant into dealing with all kinds of possible attacks and other vulnerabilities. Therefore, extra care for the payment process is required to confirm the payments. The zero transactions although are the solution to the otherwise slow transactions, but there is a need to fill in that confidence and trust quotient for the merchants to make the sales peacefully.
To draw an analogy, we can compare the zero transaction to credit card chargebacks. They put the merchant into a weak position which is susceptible to revenue losses, products and goods can be robbed, and tricks such as double spending can even result in cash loot. Therefore, the shift from regular time-consuming transactions to the zero confirmation transactions is not at least currently- a sound move for the merchants. The gap definitely needs to be filled.
Is InstantSend by Dash a solution?
Yes, the good news is that the Dash offers a sound solution. With its version 0.13 of InstantSend, Dash is capable of solving the issue. This lifts the Masternode network to lock in transactions in less than two seconds. This is achieved for less than a penny. This offers a secure transaction without loss of any time for both the merchants and the consumers. InstantSend is the answer to the double spending issues and is the source of peace of mind for the merchants. Dash with its latest innovations and smart solutions to the latest crypto vulnerabilities reflects the long run of the company. We are surely maturing towards a safer, quicker, decentralized crypto world.