Precision time protocol built for Zero Trust Architecture

In this article:

  • There are some security concerns with NTP because it uses a stateless protocol for transport and is not authenticated. Also, there have been some incidents of denial of service attacks against NTP servers making them temporarily unavailable to supply time information.
  • The rise of the cashless trend underscores the necessity for a robust and resilient time synchronisation solution to address challenges posed by satellite connectivity failures and cybersecurity risks.
  • Having a complete, secure, resilient time service built on Zero Trust makes the necessary foundation for an entire network infrastructure allowing reliable authentication, systems monitoring, event detection and rapid response as well as post-facto forensics and analysis.

Digital transformation and payment processing platforms

Everyday the prospect of a cashless payments draws closer, with only four in ten US and one in six UK transactions now being made in cash. A rising number of businesses are going through digital transformation and refusing to accept cash, with many opting to become card-only in the past years­.

The cashless phenomenon is symptomatic of a wider cultural shift towards digital transformation. Over the last few centuries technology has increased the global reach and average speed of human life pace. Financial transactions have become increasingly fast and convenient, which in turn spurred economic growth. Our reliance on the convenience brought about by all things digital is growing every day, and at an exponential rate. However, digital transformation does not always lead to extra security.

The role of accurate time synchronisation

Going through digital transformation and becoming cashless is convenient – it eliminates the middleman, helps avoid corruption and is effective in fighting organised crime. Nevertheless, the convenience has a flip side – digital vulnerability. Indeed, a cashless society calls for a fundamental agreement on when digital transactions took place. A way to ensure that such agreement is in place is by having accurate time synchronisation, traceable timestamping, and Zero Trust Architecture. Timing is also a necessary component of global, regional and community banking– regulations such as the Second Markets in Financial Instruments Directive (MIFID II) in the EU, and Consolidated Audit Trail (CAT) in the US legally require time synchronisation and timestamping to be accurate and reliable.

This increasing popularity of living cashless coupled with the intensifying level of demand for cybersecurity and trusted timestamping has exposed the essential need for a systemic solution for when things go wrong, a failsafe backup system to correct any misalignments. If global, regional, or community banks were to lose their satellite connectivity, digital payment systems would begin to fail and a cashless society would begin to crumble. Indeed, few people realise how dependent we are on the satellites that play a role in our everyday lives.

While GNSS signals are widely available and free, they are subject to interference and are becoming more vulnerable to assault. Satellites in a 20-kilometre medium-earth orbit broadcast one-way signals in the 1.2-1.6 GHz waveband. This implies that they can be easily disturbed, either deliberately or inadvertently. The most common causes of GNSS disruption are unintentional interference, jamming and spoofing. Unintentional interference occurs when radio waves are generated by equipment ranging from microwave ovens to faulty antennas, drowning out weak GNSS signals. Intentional interference (‘jamming’) is becoming more prevalent, most notably when commercial drivers jam their on-board monitoring systems to obscure their tracks. Spoofing is a more advanced kind of interference in which fake GNSS signals are created to fool GNSS receivers into thinking they are in another location.

Additional to that, the reliability of the time source matters. During a criminal or forensic examination, the timestamps on your network may be compared to devices outside. Because of this, you want to make sure the source you are using is as accurate as possible. One of the most common protocols in use for time synchronisation is NTP. NTP servers are often temporarily unavailable to supply time information when they are under denial of service attacks.

Accurate time synchronisation for Zero Trust Architecture



The big question is this – How can digital payment systems function well in the digital economy?

This is where accurate time synchronisation and traceable timestamping come in. These timing solutions work by linking grandmaster clocks to multiple primary UTC sources in a timing hub, which means that connectivity providers can syndicate highly accurate time to servers in any data centre in the world over Internet Protocol via low-latency fibre cables. Time synchronisation software then adjusts the server clock to match the time feed, measures the internal latency and creates traceable and trusted timestamps logs, which are stored in the cloud.

Timing providers have developed systems built on a network of mutually robust cloud timing hubs, each of which is made up of three nanosecond-accurate grandmaster clocks linked to three distinct sources. The hubs compare the various timing sources on a regular basis to guarantee that accurate time synchronisation and traceable timestamps are always maintained. Thus, network delivered traceable timestamping solutions are bound to become even more relevant as we move towards Zero Trust and a completely cashless life.

Ready to learn more?

When thousands of transactions take place every second, this level of accuracy and reliability is required to give global, regional and community banks confidence that their transactions are being securely handled. A highly accurate timing solution built on Zero Trust Architecture is ready to be rolled out without the purchase and installation of additional timing infrastructure.

Hoptroff Traceable Time as a Service (TTaaS®) is a range of network and software-based timing solutions that are simple, resilient, and cost-effective.

Whether you need the security of verifiable time for compliance, or nanosecond delivery, our obsession with accuracy will transform your business.

Accurate and Precise Time Synchronization

Candela Lanforge Ice


Accurate Time Sync

Everyone involved in the finance sector rely on a resilient digital ecosystem, with the Digital Operational Resilience Act (DORA) coming into effect in the US shortly, has brought a renewed urgency to the conversation. Organizations must be able to respond and recover from all types of ICT related disruptions and threats.

One important lesson is accurate timing systems are vital, not optional, in cybersecurity. Of course, DORA’s scope extends beyond time, but its requirements clearly involve it. Because of incident reporting and risk management obligations, financial institutions will have to maintain high standards of time synchronisation, timing data and process documentation, and resilient timing that’s resistant to cyber-attacks.

In a distributed computing environment, it is impossible to determine what caused what unless all devices’ clocks agree and the billions of daily transactions are time stamped accurately. To achieve this your time source must be: 

  • Traceable to a credible source of UTC, the world’s consensus time that is recognized by governments such as NIST (US time standard), so that timestamps can be compared across public service organizations and other records.
  • Provable with logs of timekeeping accuracy retained for at least 5 years in order to prove that time was correct in the past.
  • Accurate so that intervals between timestamps can be confidently calculated, even up to within one millisecond (thousandth of a second). NENA (National emergency number association) guidelines suggests a 1-milisecond synchronization NENA
  • Secure: Reliable logging of the accuracy of all time sources, along with ancillary data that helps prove the time was correct. Provide alerts and warnings when time sources misbehave allowing for rapid response.
  • Interoperability: Industry standard protocols seamlessly integrate to customer systems safeguarding legacy investment
  • Evidencing: Provides traceability and verification, even years later

Precise and resilient time can be distributed from a global network satellite system (GNSS) using a master clock like the SecureSync2400 or a terrestrial source using a Traceable Time as a Service from Hoptroff.  

Traceable Time Keeps Getting Easier

Accurate, traceable time is needed for many different applications. Whether it’s meeting banking regulations, providing verifiable timestamps on medical records, providing a common sync reference for security and access control systems, or even ensuring the performance of basic distributed network operations, accurate, traceable time is needed. However, getting access to a traceable time source hasn’t always been easy.

Traditionally, the most common way to get accurate, traceable time is to deploy a GNSS based time server with an antenna receiving time from one or more of the GNSS constellations. For sure, this is the gold standard for most time and sync applications. With time from GNSS, accuracy to UTC is measured in nanoseconds. And because time is coming from an official time source via the different GNSS constellations, that time is also traceable. This means the accuracy of the time source being used by a network can be verified to be true within some threshold of error.

Time from GNSS based time servers may be the most commonly available way to get accurate, traceable time, but deploying them isn’t always simple. In order to receive the GNSS signals, an antenna must be installed, and that can sometimes pose significant challenges. In some cases, such as in leased spaces, it’s not possible to get permission to install an antenna on the roof or access isn’t possible. In other cases, the costs for installation combined with a reoccurring cost to keep an antenna on the roof makes installing an antenna cost prohibitive.

To complicate matters, while the nanosecond level accuracy achieved from GNSS is nice to have, it’s overkill for many applications. So the entire concept of needing to install a GNSS Antenna and incur the associated cost and hassle just for traceable time can be frustrating. Eliminating that frustration was the purpose behind Traceable Time as a Service (TTaaS).

Traceable Time as a Service delivers accurate, traceable time over a secure VPN connection to provide a traceable time reference for your network. Because TTaaS is delivered over a VPN, setup is easy and familiar, especially compared to installing antennas, coax cable, surge arrestors, amplifiers, and more.

In addition to being easy to install, TTaaS is also accurate. Using just a VPN connection, accuracies can range between microseconds to milliseconds offset to UTC / NIST / etc. Accuracy aside, the important thing is that you know what your offset is, can verify it, and can therefore ensure traceability. That’s what TTaaS does.

Traceable Time as a Service by Hoptroff, has a network of timing hubs at datacenters around the globe, getting time from GNSS, this network connects directly to national labs such as RISE in Sweden and NIST in the US. Using proprietary techniques, Hoptroff’s software is able to accurately determine time offset by comparing time at your location to the time at other locations within that network. That capability combined with the direct connection to national labs and GNSS allow for clear, easy traceability between the time delivered to you over TTaaS and the timing hubs it’s coming from.

The concept of Time as a Service may be new to some people, but it’s been around for quite some time. Until somewhat recently, services were mostly setup to accommodate certain industries, such as Financial trading, and were only available within certain datacenters or co-location facilities. But with new advances in networking technology and protocols, it’s becoming possible to make those kinds of timing services more widely available and to more markets that need traceable time. And because services like TTaaS are over a VPN and are so easy to setup and maintain, the shift towards these kinds of services will continue to grow.

5 fintech trends you should be watching in 2023

service-experience-dashboards

In the fast-paced world of global financial services, gaining competitive advantage is a synonym to staying ahead of the curve. With banks, stock exchanges, credit institutions, investment firms still struggling in their push for innovation, fintech startups are sprouting everywhere, deploying groundbreaking technology, and questioning traditional banking. With that in mind, let’s take a look at 5 fintech trends that will undoubtedly shape the future of global financial services. 


5 fintech trends

1. Accurate and precise time synchronization

There are over 100 billion microprocessors with clocks but they aren’t all displaying the correct time. As the world’s critical infrastructure and global financial markets become more digitised, this incongruence becomes more worrying.

In a distributed computing environment, it is impossible to determine what caused what unless all devices’ clocks agree and the billions of daily transactions are time stamped accurately.

Time is distributed through the global network satellite system (GNSS) which has come under criticism in recent years due to its vulnerability. A slight interference in this system could cause major disruptions in navigation and global trading activities, not to mention added complications when investigating the sequence of transactions in suspicious trading, or the proof of accurate timing needed to be MiFID II and CAT compliant.

Precise and resilient software-based time from both satellite and terrestrial sources addresses this vulnerability. Hoptroff’s Traceable Time as a Service (TTaaS®), synchronizes server clocks to UTC through both satellite and terrestrial sources. It’s more resilient, scalable, and more easily deployed requiring no additional hardware.

This article will touch upon four more fintech trends of 2023, and why accurate and precise time synchronization is the key to their development.

2. Cryptocurrency

The speed and convenience at which transactions are processed is becoming increasingly important. This has opened the door to digital, or crypto currencies and real time payments (RTPs).

Cryptocurrency transactions are recorded on a decentralised ledger or blockchain and although they’re not easily accessible to everyone, this will change as banks open their virtual doors.

CBDCs are a form of digital currency centrally controlled by national banks, backed with real money and issued over blockchain. China is already piloting their CBDC eCNY in four cities and is anticipated to introduce it fully in 2023.

Why accurate and precise time synchronization matters in cryptocurrency

While CBDCs are regulated by a country’s central bank and should therefore encourage financial inclusion, their centralised nature means certain design choices could increase anonymity for individuals involved in nefarious activities. This is why accurate time stamping at the point they are exchanged to and from real cash is so important. This is not possible without accurate and precise time synchronization.

Many central banks are already looking into the assurances offered by timestamping every transaction of CBDCs rather than only when the digital currency is exchanged for real cash.

3. The Metaverse

No one is denying the revolutionary potential of the Metaverse. As a digital 3D space designed for virtual interactions it holds the key to countless new opportunities for fintech companies. Although a boost in sales productivity may be expected as people will be able to meet face-to-face with clients from around the world in a single afternoon, added convenience comes with complications.

As cross-border teams collaborate, the online software tools through which they interact need to be reliable – this begins with precise timing synchronization. Whether it’s Google Docs or a new haptic tool, devices showing different times can cause unnecessary difficulties when collaborating through the Metaverse.

Why accurate and precise time synchronization matters in the metaverse.

The metaverse must be a real-time system over computing distributed all around the world. That can’t possibly work unless the processing and data flow are synchronized through precise timing.

4. Smart contracts

Smart contracts are locked software programs stored on a blockchain. These programs begin actions automatically following the completion of contractual obligations. Such actions could include paying both sides a sum in cryptocurrency, or simply releasing protected data to one party involved. This negates the need for an intermediary such as an escrow, in which funds would ordinarily be held by a third party until the conditions are met.

This fintech trend expects companies to further test the utility of smart contracts in 2023. Decentralised finance (DeFi) and other companies may wish to investigate how smart contracts safeguard transactional security and resilience in global financial services.

Why accurate and precise time synchronization matters for smart contracts

Cryptocurrency ensures the record of the digital ledger cannot be modified after the fact, even by the ledger owner, without it being obvious that it has been modified. Hoptroff TTaaS® can provide time for crypto traders by putting trusted and traceable timestamps in the ledger so there can be no doubt about when events happened – as it stands right now, the ledgers only prove the sequence in which events happened, not precisely when.

5. Machine Learning Operations (MLOs)

Machine learning employs algorithms to help computers and other machines understand and predict the behaviours and intentions behind digital interactions.

Innumerable figures and endless calculations drive the fintech industry meaning it will likely be a primary beneficiary of MLOs in 2023. The enormity of this data requires complex and intelligent analysis and reporting. This would be incredibly costly and time consuming using traditional rule-based computing that relies on constant human input.

MLOs are already transforming global financial services areas like risk management, fraud analysis and sales forecasting.

Why accurate and precise time synchronization matters for MLOs

Improving data reliability betters the AI model. Most data is collected in a delayed fashion, so to understand interactions between, for example, various sensors, those sensors need traceable and secure timestamps to bring the picture into focus.

Ready to learn more? 

When thousands of transactions and data get processed every second, a high-level of accuracy and reliability is required for critical infrastructure services. Accurate timing solution like Hoptroff Traceable Time as a Service is ready to be rolled out without the purchase and installation of additional timing infrastructure.

(TTaaS®) is a range of network and software-based timing solutions that are simple, resilient, and cost-effective.

Whether you need the security of verifiable time for compliance, or precision timing in your IT network and business-critical documents, our obsession with accuracy will transform your business.


Contact Us