Guardtime turned trust into digital truth


Article content

Trust is a vital part of society and has been made into a multi-trillion-dollar business. Audits, inspections, certificates and compliance measures have been developed to verify data. Guardtime solves the problem of trust differently and replaces it with digital truth.

Guardtime has developed a system based on blockchain technology that can verify the correctness of data, networks, systems and processes with a mathematical proof called KSI Blockchain. With offices in Tallinn, Estonia and Lausanne, Switzerland, Guardtime has built 12 different enterprise products in the past 13 years, ranging from Telecom, Audit and Compliance, Cyber Range & Exercises and even Space and Health.

Guardtime helps to improve the European Space Agency’s Cyber-Security capabilities

Having worked in various space-related positions in the public sector for years, Marika Popp joined Guardtime as the Head of Space Solutions about a year ago because “she wanted to sit on the opposite side of the table to see how private entities develop their technologies jointly with the European Space Agency (ESA)”.

Roughly speaking, every project that Guardtime is working on in space is tied to the domain of space cybersecurity but each in its own specific way. For example, as software is today the integral part of every single satellite this has brought along new specific security challenges and dealing with those potential cyber-threats requires a completely different approach to those back on Earth.

To combat those threats, Guardtime was recently awarded a contract to leverage its cybersecurity expertise and technologies to improve the capabilities of ESA’s Cyber-Security Space Operations Centre (C-SOC). Popp said that Guardtime is currently mapping and evaluating the agency’s cybersecurity capabilities while also identifying the future capabilities of what the C-SOC needs to address. This is the most palpable project that Popp has been working on with her team at the moment.

C-SOC is specifically designed and trimmed for the space sector. The centre will monitor ESA’s space mission operations and assist in security incident response.

“The fact that Estonia has such a high ambition in the field of space cybersecurity is partly thanks to Estonian government’s policy for ESA’s membership. As an ESA member state for five years already, Estonia has had to decide which programs to participate in. Considering Estonia’s background, cybersecurity has obviously been one of the priorities. In the foreseeable future, it’s unlikely that Estonia would have the capacity to build orbital launch systems. However, if we talk about space data security, Estonia has a reference base that makes us a trustworthy partner for ESA and its member states,” described Popp.

Having had several years of an active and successful collaboration with ESA has been a good selling point for Guardtime; for potential partners, it’s proof that the company can be trusted and its technology does what it claims to be doing. Comparing Estonia with other ESA members that have colossal sums of money to invest, Popp says that Estonia’s strength lies in carefully selecting its priorities and focussing on its existing strengths.

Space is a rather recent endeavour for Guardtime and Popp is looking for ways to actively extend Guardtime’s product portfolio further to  space. Its longest track record in this is related to the company’s main products, a blockchain technology solution called KSI blockchain. Simply put, it’s a technology that detects whether data has been manipulated by making hash out of the data and then comparing it to the original.

For example, the hash for “Life in Estonia” is 7f63138c4b2f999ca4acc6a4a73db229 but for “Life in e-Estonia” it would be 6ea00970ec07ffe6e01b6559ff9e3b39. As demonstrated, just with a small addition in the name the hash is totally different. Using a hash gives the confidence that no third party can see the data without authorisation.

This technology has the longest track record in collaboration between Guardtime and ESA to verify the integrity and provenance of ESA’s Earth Observation (EO) data sets. Guardtime has a technology stack that can be used to upgrade and improve operational EO data archiving and processing systems and improve their cyber-security measures. In addition, Guardtime is also working on a prototype based on KSI to verify the satellite trajectory data for collision avoidance within the domain of Space Surveillance and Tracking.

From space to health, KSI has a wide range of uses

The same KSI technology is also used by a team run by Ain Aaviksoo. He’s been filling the position of Chief Medical Officer of Guardtime Health for about two years. Aaviksoo’s career is admirable, he has worked as a physician at East-Tallinn Central Hospital, was a health policy researcher and consultant for the World Bank and dipped his toes into the public sector as Chief Information and Innovation Officer in the Estonian Ministry of Social Affairs. Due to his background, Aaviksoo is well-informed about what the public sector wants from the private sector and vice-versa.

The latest product Aaviksoo’s team has been working on is called Real World Data Engine. To describe it, he says the engine provides aggregated reports across multiple health care providers in a privacy-preserving manner. To make it even more understandable, Aaviksoo states that the system makes health data queries from everyday health care institutions, such as hospitals and family physicians.

Guardtime’s Real World Data Engine makes it possible to make the information behind the data available to the related parties without the specific data from moving outside of the medical institution. The producer of the drug can ask the engine how many patients achieved the promised outcome and complied with the conditions of the prescription. The data is based on actual data from real healthcare environment, as the name suggests, and the results are given in an aggregated form without any personal data processing being done at all.

Guardtime has already partnered with ten leading pharmaceutical companies led by Roche and AstraZeneca who will use the engine to cause a paradigm change in drug pricing with the ultimate aim of realising outcomes-based contracting.  According to Aaviksoo, both the healthcare payers and pharmaceutical companies have been looking for indication-based and combination-based pricing systems, which would mean drugs no longer have fixed prices but change in every case.

To achieve this, Guardtime combines two of their technologies: a multi-party computation technique and the KSI blockchain. With these tools, Aaviksoo is certain his team can solve the two main hurdles that have prevented patient data privacy, scalability and sustainability.

“It is not always possible to actually achieve the results found in clinical trials. Patients in clinical trials are a very specific group. Most of those who actually start using the medicine have a variety of coexisting conditions and confounding circumstances that can affect the outcome of treatment. The usual prognosis is given by the group average, in real life it could be different. Right now, it’s impossible to measure whether the outcome is achieved or not. Yes, the specific doctor sees the result but that information is kept from the pharmaceutical company and healthcare payer,” described Aaviksoo.

For example, the same drug can be used for the treatment of breast and pancreatic cancer but it could cost less for one of the treatments because the impact/value of the drug is different. To use the indication and combination-based pricing system, there needs to be a system in place for the drug manufacturers to control whether the drug is used as prescribed and where the conditions are filled.

Luckily for Guardtime, pharmaceutical companies and medical institutions have understood that there is no point in having separate databases for every pharma. Thanks to COVID-19, awareness has been raised that data is needed in the health sector.

“In order to know which treatment method is most appropriate, it would be necessary to compare the actual treatment used in different groups, so that effective treatment would be better rewarded and it would reach more and more patients,” said Aaviksoo. He adds that it is the main reason Guardtime is involved in this project. Pharmas have also found other possible use-cases for the same solution.

Yellow Card will see a digital transformation thanks to Guardtime

Another project Guardtime ventured into recently was initiated due to COVID-19. With the help of the World Health Organisation (WHO), the company is making the Carte Jaune (ICV) or Yellow Card digital. Not in the sense that the physical card, which carries all of the information about the vaccinations a person has, will be made obsolete; rather with the aim of restoring normality in the world.

Right now, Aaviksoo says that the card itself will remain as a physical card. However, one day in the near future, every person will have a unique QR code certifying whether they have received a Covid-19 vaccination or not. Looking at the travel restrictions put in place in many countries, having a certified vaccination when entering a country could be the new reality next year.

Due to the fact that WHO is involved with the project, Guardtime has to keep in mind that the system created needs to be simple enough to work worldwide aand operate in countries without sophisticated information systems that can house the information in question.

“The same system can be used to secure the supply chain, for example, if a vaccine is intended for sale in Estonia, it must not be sold anywhere else. Guardtime’s system can detect the development of fake vaccines, meaning that their administration and sale to other countries becomes meaningless,” said Aaviksoo.

Just like with the Real World Data Engine, Guardtime keeps privacy as the cornerstone while developing the digital version of ICV. Aaviksoo gives the example of entering a foreign country and being asked for the ICV: the border-guard will only get a simple yes or no to the question of whether the person is vaccinated from the document that the person is presenting. No digital queries or integrations to outside databases are needed.

The Life in Estonia Magazine covers all Estonian walks of life – from business and innovation to culture, design and tourism. The magazine focuses on in-depth coverage rather than short news value and is directed to all readers who want to get a feel of the agile Nordic country. We bring to you all the topics from Life in Estonia, that put the “e” in e-Estonia. 




Written by
Ronald Liive

Life in Estonia Magazine


Visit us physically or virtually

We host impactful events both in our centre and online for government institutions, companies, and media. You’ll get an overview of e-Estonia’s best practices and build links to leading IT-service providers and state experts to support your digitalisation plans.

Questions? Have a chat with us.

Call us: +372 6273157 (business hours only)

Find us

The Briefing Centre is conveniently located just 2 minutes drive from the airport and 10 to 15 minutes drive from the city centre.

You will find us on a ground floor of Valukoja 8, central entrance behind the statue of Mr Ernst Julius Öpik. Photo of the central entrance.

Valukoja 8
11415 Tallinn, Estonia