Overview
With the digitalization of many areas of life, more and more data is being collected. If data sets are combined and analyzed, a better picture of customers or the business and economic environment, for example, is created. The value of data often increases with quantity. However, financial institutions have limitations and concerns about sharing data, making it difficult to realize its full potential. In particular, information about the financial situation is considered very sensitive and is protected by Swiss (e.g. data protection law and bank client confidentiality) and international laws (e.g. GDPR in the EU). Confidential computing is part of data protection (data security) and can solve this conflict of objectives. In general, data security involves protecting data in all its forms and states, i.e. in the rest state, during transfer and in use, respectively computation. There are proven options for the former states. For example, data is encrypted so that even if it is stolen, information cannot be accessed. There are also encryption that protect data in transfer so that only authorized parties can see the information as it moves between servers and applications. Protecting data in use is more demanding, especially when calculations are being made. This is because applications can often only process data in plain text, i.e., unencrypted.
