Know-your-customer (KYC) solutions are becoming increasingly important for crypto companies, financial services providers and institutions.
Grand View Survey found it that the global size of the KYC software market in 2021 was estimated at $2.93 billion. This number is expected to grow at a compound annual growth rate (CAGR) of 20.8% over the next six years.
Grand View Research’s report further noted the growth of the KYC market, which can be attributed to the importance of compliance management and the rising number of identity-related frauds in financial institutions. The rise of deepfakes and artificial intelligence (AI) scams. also leads to greater adoption of KYC.
The problem with traditional KYC solutions
While KYC is an important requirementthe process is often a burden for both users and companies.
Riley Hughes, co-founder and CEO of digital identity startup Trinsic, told Cryptonews that users undergoing KYC are typically required to provide a photo of themselves along with an identification document.
As KYC becomes more common, Hughes points out that users will typically need to repeat this process several times.
“Someone will probably have to perform KYC about ten different times across multiple apps and platforms,” says Hughes. “But statistics show that asking users to authenticate themselves using a photo of a plastic ID card results in as much as 40% attrition.”
Vishal Kapoor, Chief Operating Officer of blockchain technology company Chia Network, further told Cryptonews that KYC is expensive to implement.
A recent one article from Betanews mentioned that KYC measures amount to 40% of all anti-money laundering (AML) compliance costs, which for banks totals $5.7 million per year.
Reusable KYC is gaining traction
Given these challenges, reusable KYC solutions are starting to gain ground.
“Reusable identification, or KYC, allows users to leverage previous verifications instead of having to re-verify themselves across different platforms,” Hughes said.
To put this into perspective, Hughes recently explained that Trinsic launched an ‘identity acceptance network’ that enables reusable KYC.
“Enterprises can now use Trinsic to verify 60,800,000 people ten times faster than identity verification from scratch, while also reducing fraud,” he said.
Today, Trinsic is launching the first identity adoption network in partnership with dozens of world-class identity providers, including @Clear, @getyoti, @enterIDVerse, @AirsideHQ an Entrust Company and @dentityme.
Companies can use Trinsic to authenticate 60,800,000 people 10x… pic.twitter.com/3Z3p3l0hRs
— Trinsic (@trinsic_id) May 21, 2024
Hughes explained that companies included CLEARLY – the technology company that performs biometric travel document verification at major airports – has partnered with Trinsic as part of its identity acceptance network.
“The goal behind this network is to get users KYC verified as quickly as possible to meet the enterprise risk threshold,” he said. “If users have already been verified by a company in the network, we will try to direct other companies in the network to that verification.”
For example, if a CLEAR user has CLEAR authentication, they can use it for other platforms within the identity acceptance network.
Blockchain for reusable KYC
While reusable KYC solutions can save users and businesses time and money, adding blockchain to the mix allows users to take ownership of their personal information and data.
For example, identity technology company Dentity is part of Trinsic’s identity acceptance network. Dentity CEO Jeffrey Schwartz told Cryptonews that the platform stores users’ login credentials on the Bitcoin blockchain.
“We store decentralized identifiers (DIDs) on-chain to verify the authenticity of issuers,” Schwartz said. “The only thing that should be on-chain is what is needed to verify a credential.”
Chia Network does this too. According to Kapoor, Chia’s verifiable credentials (VCs) enable a KYC provider to perform KYC by issuing a verifiable credential token on-chain.
“This allows service providers, such as Dapps, to verify that a user has undergone KYC verification with a trusted KYC provider – without the user having to reveal any personal information,” he said.
Kapoor explained that people are looking for better protection of their personal information as identity fraud increases. Panda security statistics show that more than 10 billion personal data have been exposed worldwide as a result of data breaches since March 2020.
“Using on-chain VCs and DIDs allows the individual to keep their own VC and decide who it can or should be shared with, without risk of oversharing or data exposure,” Kapoor said. “This also reduces external points of contact with their sensitive personal information.”
Blockchain protects user data
While it is notable that reusable KYC is gaining popularity, some concerns remain. A recent Reuters for example article pointed out that criminals can still quickly abuse automated KYC checks, putting a user’s information at risk.
Store data in the chain tries to solve this problem. For example Deloitte Switzerland started issuing reusable KYC credentials last year to enable access to global digital asset fundraising. Polimec, a decentralized finance protocol developed on Polkadot, has partnered with Deloitte Switzerland to enable this feature.
.@DeloitteCH-powered, @Web3foundation-sponsored, @Kiltprotocol-credentialed. Ready to be used on @PolimecProtocol https://t.co/LK3Jw31bDQ
— Fabi (@FabianGompf) April 29, 2024
Luca von Wyttenbach, the co-founder of Polimec, told Cryptonews that a KYC credential allows users to establish a digital self-sovereign identity by validating their data once they have Deloitte.
“Once Deloitte issues a KYC credential, which is held under a user’s control, they can use it with various online services, the first of which is Polimec,” said Wyttenbach.
He added that the website or service provider can rely on the shared data as it has been approved and certified by Deloitte.
“This means users only have to share the minimum necessary data about themselves,” he noted.
Wyttenbach further explained that Deloitte’s KYC credentials are anchored in the KILT protocol. He noted that Deloitte conducts customer KYC and is the only party that receives and stores that data. The data is then created into a KYC credential, which is hashed and stored in the user’s Deloitte wallet.
“The hash is anchored to KILT, meaning no personal information is stored on-chain. Users can verify their data against the hash by presenting their login details,” said Wyttenbach. “In short, the login credentials are pseudonymous – therefore all transactions and network participants on Polimec can be processed in a secure, regulatory compliant manner while maintaining data privacy.”
Challenges can hinder adoption
Although reusable KYC solutions on the blockchain are currently being used, there are still challenges.
For example, Julian Leitloff, co-founder of decentralized identity platform idOS Network, told Cryptonews that encouraging widespread adoption of reusable KYC solutions among users and service providers is a major hurdle.
Echoing this, Schwartz noted that Trinsic’s Identity Acceptance Network requires collaboration.
“The idea behind this is that we all share user data,” he said. “I hope this collaboration will allow us to achieve that, but interoperability is key here.”
Hughes is aware of this challenge. He said Trinsic’s Identity Acceptance Network currently covers more than 60 million users, but he still believes the platform needs to move forward aggressively.
“Everyone in the EU will soon have access to a digital identity wallet,” Hughes said. “We will have to implement the same standards in the future.”
Additionally, Leitloff pointed out that another major challenge around reusable KYC includes ensuring privacy and data security.
“Because user data must remain private and secure even when shared across multiple platforms,” he said.
To address these challenges, Leitloff explained that idOS implements advanced encryption techniques such as Zero knowledge certificates (ZKP) And Secure Multi-Party Computation (MPC) to protect user data.
“Promoting the use of standardized identity formats such as W3C Verifiable Credentials ensures consistency and interoperability,” he said. “Using decentralized storage networks will also enable data availability and reduce the risk of centralized points of failure.”
