With $1.7 Billion in the bank following its ICO (initial coin offering), Telegram has rolled out its first crypto-friendly functionality. But security scientists are doubtful. As stated in a blog post, a US-located startup, Virgil Security, has verified various weaknesses in Passport, the new identity verification app. While the firm praised Telegram for posting the API of the application as open source, Virgil Security detailed 2 issues with the app: how it protects amassed data and how it encrypts data. The API allows the code to be verified by other experts.
“Their promise to openness offers security practitioners the chance to evaluate their implementation and, preferably, assist enhance it,” claimed Alexey Ermishkin from Virgil Security to the media in an interview.
Telegram has never verified or announced publicly the existence of its ICO worth billions of dollars. But as papers began to leak previously this year, it became obvious that the firm (more broadly known for its chat application) targeted to vie with many of the services (from encrypted browsing to filesharing) that crypto companies had already planned.
In addition, it wished to bring blockchain-supported transactions to the Telegram chat application, which in recent times has become famous among the crypto society. Identity verification and payments go hand-in-hand, making Passport a natural premature service from the firm. In addition, disturbing the digital ID players such as Equifax (which keep information in centralized databases defenseless to abuse and breach) has long been a shared objective of the cryptocurrency society.
Speaking of Telegram, on July 26, 2018, Telegram declared the roll out of Telegram Passport developed to encrypt consumer’s personal ID data and allow them share their ID information with 3rd parties such as crypto wallets, ICOs (initial coin offerings), and anyone obeying KYC (know your customer) norms.