Date | May 2018 | Marks available | 2 | Reference code | 18M.1.SL.TZ0.2 |
Level | SL | Paper | 1 | Time zone | no time zone |
Command term | Identify | Question number | 2 | Adapted from | N/A |
Question
Digital currency
Bitcoin is a type of digital currency (cryptocurrency). This is money that can be sent via the internet and exchanged for goods, services, or money in different currencies. Users can buy bitcoins using real money, and bitcoins can either be spent or stored in a digital wallet for later use. Bitcoins can be used in every country, and sending bitcoins is as simple as sending an email.
A bitcoin wallet is an application that can be installed on a computer or mobile device. Once a bitcoin wallet is installed, the user will get a bitcoin address to use when transferring bitcoins to and from the wallet. This transfer uses private and public key encryption. Users should have a strong password to access their bitcoin wallet.
Bitcoin operates on a peer-to-peer (P2P) network, and users of bitcoins are identified by their bitcoin address. Some users of bitcoins wish to remain anonymous, but this is not always possible.
Identify two characteristics of a peer-to-peer (P2P) network.
Identify two characteristics of a strong password.
The use of a password is one method of authentication.
Identify two other methods of authentication.
Explain one reason why bitcoin makes use of encryption when transmitting data.
Explain one reason why it may be difficult to ensure the security of information in a large peer-to-peer network such as bitcoin.
Some users of bitcoins are concerned that their anonymity may be compromised by their bitcoin address.
Explain one way in which a bitcoin address may be used to reveal information about a bitcoin user.
Bitcoin transactions are made between individuals without the knowledge of banks, governments, or credit card companies. Some governments are investigating whether they should regulate digital transactions, such as those made using bitcoins.
To what extent is it appropriate for governments to regulate digital transactions, such as those made using bitcoins?
Markscheme
Answers may include:
- There is no central administrator.
- All users of the network have the same importance.
- Each computer acts as both client and server.
- Each computer can exchange files directly with every other computer on the network.
Award [1] mark for identifying each characteristic of a peer-to-peer network up to a maximum of [2] marks.
Answers may include:
- Sufficient length (usually more than six characters)
- Made up of a mixture of letters, numbers and symbols
- Uses upper and lower case characters
- Not a dictionary word/common word
- Not based on personal information (e.g., name, birth date, etc.) (i.e., can’t be guessed).
Award [1] mark for identifying each characteristic of a strong password up to a maximum of [2] marks.
Answers may include:
- Biometric authentication
- Fingerprint
- Palm print
- Palm vein
- Facial recognition
- Voice recognition
- Retinal scan
- PIN
- Passphrase
- Two-factor authentication
- Authentication token (or security token)
- One-time code, i.e., contact user via phone/SMS/email to provide the code
- Asking user to provide answers to security questions set-up when creating an account (e.g., what was the first school you attended?).
Award [1] mark for identifying each additional method of authentication up to a maximum of [2] marks.
Answers may include:
- To ensure there is trust in the security of the data…
- as users see this as an additional layer of data security.
- To prevent regulatory fines…
- as encryption may be seen to as an attempt to comply with regulations such as GDPR.
Award [1] for the reason why encryption is used when transmitting data and an additional [1] for the explanation up to a maximum of [2].
Answers may include:
- The security may be carried out at the level of the individual user.
- This may mean that the network’s security may only be as strong as the weakest link.
- There is no central control that manages the security of each computer by providing virus protection/firewall…
- so an inexperienced user may unintentionally allow access to their whole hard drive instead of allowing access to specific folders.
Award [1] for the reason why the security of information may be difficult to maintain in a large peer-to-peer network such as bitcoin and an additional [1] for the explanation up to a maximum of [2].
Answers may include:
- When transmitted, a bitcoin address may include additional information, such as the IP address of the user’s device.
- This information may be aggregated from a number of sources and this larger data set will then provide sufficient information to link the bitcoin address to a person’s identity.
Award [1] for identifying how a bitcoin address may be used to reveal the name of a bitcoin user and an additional [1] for the explanation up to a maximum of [2] marks.
Answers may include:
- If transactions can be done without disclosing the name of the individuals (anonymity), it could be a way to use money obtained illegally (money laundering – values).
- Governments will not be able to see all commercial transactions and therefore may miss the possibility to tax commercial activities – informality, lack of transparency.
- Bitcoin wallet providers may have an agreement with clients not to disclose information – privacy invasion.
- It is also possible to send a payment without revealing your identity. This allows people to transfer funds across country borders without cost but also allows users to buy illegal products anonymously.
- Unregulated services, such as bitcoin, do not provide the protection of regulated services, such as banks.
- For governments to be able to forecast financial trends, they need to have all of the information available. If some information is withheld, it makes forecasting more problematic.
- There is an ongoing debate between the privacy of the user versus the security of the state. The questions could be reframed as what is an acceptable level of regulation/surveillance?
- If regulation is too strict, it will stifle innovation and may prevent worthwhile developments in digital currency.
- Different degrees of regulation by governments of different countries could create an uneven playing field for digital currency transactions.
- As bitcoin is global, regulation could also impact the rights of people outside the government’s jurisdiction.
In part (c) of this question it is expected there will be a balance between the terminology related to digital systems and the terminology related to social and ethical impacts.
Keywords: laws, regulations, environment, cryptocurrency, privacy, anonymity, surveillance, change, power, systems, values
Refer to SL/HL paper 1, part c markbands when awarding marks. These can be found under the "Your tests" tab > supplemental materials > Digital society markbands and guidance document.