By Director of Media and Communications at EMIR Research, Jamari Mohtar
In his latest post on his blog, Minister of Science, Technology and Innovation, Khairy Jamaluddin says his ministry (Mosti), has incorporated blockchain technology into the Ministry of Health’s Covid-19 Vaccine Management System to “ensure every dose ends up in the arms of the rakyat”.
This is really an excellent move that should be lauded because Khairy really knows what he is talking about. Nowadays going blockchain has become a trend in the developed countries that there is a bandwagon effect where everybody wants to adopt it without really understanding why it should be adopted in the first place.
On the other end of the spectrum are those entities in developing countries which stubbornly refuse to adopt the technology when their processes and procedures are approaching the realm of inefficiency and wastage of resources which could lead to fraud, theft and forgery of documents.
The most important consideration for using the blockchain for certain business, corporate or regulative processes and procedures is generally to see whether these are already done efficiently and effectively without the technology. If the answer is yes, then there is no need to adopt it until current processes or procedures become very cumbersome and inefficient.
Tracking of logistics and supply chains falls under data provenance which is one of the most significant real-world applications of blockchain technology. This involves the documentation of where a piece of data comes from and the processes and methodology by which the data was produced. It creates a single, secure chain of custody timeline, designed to be tamper-proof.
Since the rationale to adopt the blockchain as elucidated by Khairy is to “provide stronger assurance around the vaccine supply chain, as vaccine supply enters the country and is distributed to vaccination locations nationwide, thus reducing the risk of theft and fraud, and ultimately reduce wastage”, this makes the whole tracking much easier as compared to tracking the “halal-ness” of a product.
There’s no need to go backward to know where all the materials are procured by the manufacturers in producing the vaccines. The starting point to “blockchainise” the tracking is “as vaccine supply enters the country” – at the point where the authorities received the first consignment of the vaccine from its overseas suppliers.
This data should be put in the blockchain ledger by digitally timestamping the transaction with details such as the time and date of receiving the vaccines, total doses received, the name of the manufacturers, etc.
Digital timestamping involves digital signatures which are often used to implement electronic signature, including any electronic data that carries the intent of a signature.
Properly implemented, digital signatures are more difficult to forge than the handwritten type, and can also provide non-repudiation meaning the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret. Moreover, even if the private key is exposed, the signature remains valid.
Coming back to vaccine distribution, digital timestamping is repeated with each and every new consignment and once verified, a transaction is recorded as a digital block, containing the key of the previous entry, a timestamp and the transaction data, all secured through cryptography.
This creates a chain of individual transactions that can be traced back to the original. These blocks become part of a digital ledger, which is continuously distributed to all participants.
The supply chain that matters most in this case is all the distribution centres in Malaysia that will receive their share of this consignment. It would be convenient if these are also the vaccination centres (which can then be broken down by states and further broken down by districts and zones).
All these distribution centres become the nodes of the decentralised ledger of the vaccine blockchain. It is these nodes (computers denoting participants in the network) that will record on the blockchain all the relevant transactions occurring at the respective nodes for example the details on the doses received, the cold storage and the transportation used, the number of peoples vaccinated and their personal details, etc.
Now, a blockchain can be built and accessed in multiple ways. Private blockchains allow only known nodes to participate in the network as in the case of a bank running a private blockchain operated through a designated number of nodes internal to the bank. In contrast, permissioned blockchains may allow anyone to join a network once their identity and role are defined.
Public or un-permissioned blockchain is being epitomised by the most famous cryptocurrency, Bitcoin. It allows anyone to participate in the network as a full node or a contributing miner. Anyone can take a read-only role, or make legit changes to the blockchain like adding a new block or maintain a full copy of the entire blockchain.
It is thus obvious private blockchain is not suitable for the tracking of vaccine distribution because the nodes (participants) will just be from the MOH, leaving the logistics companies and other agencies involved out of the equation. Public blockchain is also not suitable because any person or party that is not involved in the logistics and supply chain of the vaccine can join the blockchain network.
Hence. the most suitable blockchain for the task envisaged by Khairy is the permissioned blockchain whose intrinsic configuration controls the participants’ transactions and defines their roles in accessing and contributing to the blockchain. It may also include maintaining the identity of each blockchain participant on the network.
External parties, such as logistic companies and the persons to be vaccinated, though part of the whole network, don’t have to know confidential and proprietary data such as the price of the vaccines, or people who have been vaccinated.
The use of permissioned blockchains allows such role-limited implementations. Technically, properly conceived permissioned blockchain networks are those which have an access-control layer built into the blockchain nodes.
In the halal meat scandal of last year, the activities of the cartel all these years were only unmasked with the adoption of blockchain technology via deploying the TradeLens platform that enables more efficient and accurate container tracking and information sharing among platform members.
It promotes trust among trading partners as the record of all transactions is shared within the network and permissioned parties can access the data in real-time, making it possible for the Malaysian Custom to have permissioned visibility into supply chain activities with verified, highly trusted and near real-time data.
So, in December, when a ship suddenly sought permission to anchor at the Pasir Gudang Port, all the custom officers there needed to do was to check the details of the ship against the details in TradeLens. When the details of the ship did not appear on TradeLens, the Custom smelt a rat, and allowed it to anchor perhaps in a sting operation which led to the discovery of many things – forged documents, that the ship was used by the cartel, along with the identification of the warehouses the cartel used for their illegal activities and the arrest of some people.