Knowing Your Customer (KYC) in Blockchain
Almost from the very beginning, the anonymity of cryptocurency exchange and its non-reliance on regulated banking systems have made them attractive to certain criminals. As it became obvious that blockchain-based currencies were not going to simply disappear, governments around the world began the slow process of developing systems to regulate Crypto Exchanges and the other platforms people use to exchange Bitcoins, Ethereum and other cryptocurrencies for goods, services and other types of currency.
As a result, to sign up to a cryptocurency exchange run almost anywhere in the world, you need to complete some kind of KYC (Know Your Customer) procedure to fully participate. If any person or organisation expects to use crypto exchanges at any viable economic level, or even to make large one-off exchanges, they should expect to provide a fair amount of personal information.
However, many exchanges do allow small, casual transactions to be conducted anonymously (or nearly so) to this day. This makes good business sense for the exchange, and represents little risk to any interested regulating entities. It allows potential customers to engage with the service in a limited fashion without a big investment of time, effort, or exposure. The exchanges need this to attract new customers. The regulating agencies need it because, simply put, if they make it impossible to do business legally someone will just do it illegally, and completely without oversight.
So what is Know Your Customer?
KYC is any process that a business uses to verify the identity of its customers or clients. It is very similar to (and often confused with) AML — Anti Money Laundering regulations — which achieve many of the same purposes with traditional currencies and financial systems.
KYC is not ‘One Size Fits All’, though. There are three distinct grades, each of which is useful in different contexts and for different purposes.
1) No KYC At All
This is becoming rare, of course, but many regions still allow this method of buying cryptocurrencies. No KYC means that the crypto exchange or whatever platform is handling the actual transaction has no way of knowing who you are. You don’t need to identify yourself when creating an account, logging in or making the exchange. If you pay with traditional currency, you use something like cash, a gift card, or Western Union.
Overall, it is riskier and typically more expensive for that reason. Still, there are plenty of people willing to spend a little extra for total privacy.
2) ‘Basic’ KYC
This type keeps some data on the people who use it. Exchange participants can typically be identified by the phone numbers or ISPs they use, as well as their payment channels. If you use PayPal, MasterCard or Visa to process payments, your exchange uses at least this level of KYC.
Again, the KYC procedures may not be required until a particular user exchanges, say, $10,000 worth of cryptocurency in a single month. Users would be blocked from doing more business until they had completed the KYC procedures and been identified.
3) Full KYC
This is usually added in on top of ‘basic’ KYC. It requires users to provide documents of some kind which prove their identity. This might require an image of a recognised ID, such as a driver’s license or a passport. Many systems also demand bank statements, utility bills, and more to prove that you live where you say you do and have actual access to the address. More advanced systems demand a snapshot of the customer holding the ID in question near their face, proving that they have the original card.
Is privacy such a concern?
It can be. Each transaction is preserved in the blockchain forever. These can be traced back, so the amount of private information you give over to a crypto exchange could be worrying. Even more so when people are becoming aware of just how much this personal information can be used (or abused, depending on who you ask) beyond the intent of the original transaction.
This private information can be used for a variety of ways, not all of which are completely innocent:
· Analysis of customer identity
· Assessing the risk a customer poses in terms of crimes or regulated behaviours such as money laundering, identity theft, or the financing of terrorism
· Compiling and analysing a profile of a customer’s transactional behaviour
· Collecting a portfolio of one customer’s spending habits across several platforms in order to predict or manipulate their behaviour
· Identifying the spending habits of publicly known people by matching their name
Who actually does the KYC?
Now, that is where it gets interesting. There is suddenly a huge market for outsourced KYC, as cryptocurrencies, exchanges, platforms and other market participants all engage in a bit of CYA to make sure they are not in violation of any KYC laws, regulations or guidelines in any of the jurisdictions in which they do or would like to operate.
How will MXC handle KYC?
They haven’t publicly launched their KYC process yet, but MXC will be using a name you might well recognise in the world of 3rd party KYC. 4Stop is a full service 3rd party KYC and fraud prevention company based in Cologne. They are fully certified to handle this kind of KYC work, and they have a reputation for reliable, real-time results. More importantly, though, they have a reputation for excellent and detail-oriented security.
4Stop uses a hybrid detection model where automated systems are used to pass the vast majority of users and transactions as 100% above board, and flags any ‘suspicious’ transactions or data in real time, sending it to be checked by a well-trained human operative. Of course, this takes more than the few microseconds that the automated systems do, but that is a small price to pay for certainty.