Blockchain has attracted tremendous attention for solving the security problems of customer personal data in various domains via transparency, immutability, traceability, and decentralization properties. Unfortunately, inherent openness and immutability in traditional blockchain pose significant challenges to customers’ data privacy, also conflicts with the General Data Protection Regulation (GDPR) requirements, including “right to rectification” and “right to forgotten.” In order to solve the aforementioned issues, this paper introduces RedactChain: a novel redactable blockchain-enabled, privacy-protected personal data management scheme that allows data redactions without compromising the structural integrity of the blockchain. The RedactChain employs verifiable chameleon hash function and distributed trapdoor recovery mechanism that allows on-chain data modification and avoids the security problems faced by the centralized organization. Additionally, this scheme offers secure communication and fine-grained access control by applying attribute-based encryption(ABE). The comprehensive formal security analysis and empirical evaluation validate the efficacy of the proposed system and prove that the suggested framework ensures decentralization, integrity, and security of the data with optimal processing time.

Rotating Savings and Credit Associations (ROSCA) is extensively utilized as a vital financial mechanism in both urban and rural communities around the world. This enables individuals to save and borrow money collectively. However, relying on mutual trust, non-transparency, and insecure exchange of sensitive information leads to fraud, data breaches and single point of failure. Therefore, to address these issues, we propose a decentralized trust evaluation mechanism and secure key agreement protocol for ROSCA integrated with blockchain. This framework presents a four-layer, trust-building architecture that evaluates the trustworthiness of ROSCA operators and stores the time-stamped trust index in the blockchain. It leverages Mamdani Fuzzy Inference System(MFIS) to determine the degree of trustworthiness. Consequently, ROSCAs with better trust indexes are evaluated, validated, and stored in blockchain via chaincode. In addition, we propose a secure key agreement protocol for ROSCA-to-customer, thereby enabling a secure communication channel for exchanging sensitive information. Further, to achieve transparency, fairness and to eliminate centralized control, the complete framework is implemented over permissioned blockchain. The formal and informal security verification reveals that proposed system is safe and secure against potential threats. Moreover, performance analysis and comparison with current state-of-the-art reveal that the suggested framework outperforms and potentially reduces chaincode computation time for creating and querying records by 78.32% and 85.42%, respectively.

The rapid evolution of Financial Technology (FinTech) has brought an influx of monetary records and customers personal information into the digital landscape. Unfortunately, the growing digital FinTech ecosystem suffers from single points of failure, data manipulation, privacy breaches, storage constraints, and inadequate access control to customers’ financial data. Therefore, to address these issues, this paper presents FinSec, a consortium blockchain-enabled privacy-preserving, scalable framework for protecting customer data in the FinTech system. The framework deals with the intricacies of customers’ financial data storage, access, and sharing while ensuring decentralization, immutability, privacy, and scalability. Specifically, FinSec utilizes AES (Advanced Encryption Standard) for encrypting data before storing into distributed off-chain storage. In addition, employs RSA-OAEP (Optimal Asymmetric Encryption Padding) as a secure digital envelope, strengthening the resilience of data during on-chain storage and sharing. Further, to efficiently manage off-chain storage and on-chain transmission, the system establishes synergy between private IPFS cluster(PIC) and consortium blockchain without the intervention of trusted third-party. The formal and informal security verification reveals that FinSec is safe and secure against potential threats. Furthermore, comprehensive performance analysis and comparison with current state-of-the-art validates efficacy of the proposed system and achieves 78.32% and 51% higher throughput than Jayabalan et al.(2022) and Datta et al.(2024), respectively.

Chit fund is a peer-to-peer saving and borrowing scheme operated among trusted groups of people. It is a reliable source of funds in emergencies with no guarantor and low-interest rate. Despite their enduring benefits, chit funds face challenges related to trust, transparency, and security. At present, unscrupulous subscribers might join chit-funds, borrow money, and make payment defaults. This leads to disruptions in contribution cycle and affects overall functioning. Additionally, non-transparent record-keeping and transaction processes, hinder participants from verifying fund activities, creating a susceptible environment for fraud and malpractice. These challenges are an obstacle to the sustainability and trustworthiness of the chit-fund system. Therefore, to overcome aforementioned challenges, this paper proposes TruChit, a blockchain-based chit fund system with creditworthiness evaluation framework. It leverages the Adaptive Neuro-Fuzzy Inference System (ANFIS) to assess the creditworthiness of subscribers, which ensures the credibility and reliability of individual participants. Further, proposes permissioned blockchain-assisted chit-fund framework with role-based access control to instill trust, security, and transparency within chit-fund operations. Moreover, the efficacy of TruChit is evaluated by analyzing credit score dataset and achieves 93.5% accuracy, which is better than other approaches.