KYC

Why zero-knowledge KYC won’t work

Blockchain technology — including zero-knowledge proofs — doesn’t yet provide adequate solutions for identity verification.

The emergence of blockchain technology presents an opportunity to reexamine and innovate solutions used in our day-to-day life. Blockchains and, broadly speaking, the digital space fuelled by an artificial intelligence revolution urgently need to establish verifiable human identities to ensure trust, accountability and regulatory compliance.

There are a variety of emerging technologies, both on- and off-chain, that could serve as the basis for a functioning trust framework. One solution, in particular, is often referred to as the holy grail of verifications — zero-knowledge Know Your Customer (zkKYC) verification.

What are zk and KYC?

ZK stands for zero-knowledge, a cryptography term used to create cryptographic proofs without revealing the underlying confidential information. Z-based solutions are pioneering privacy across the web. The blockchain industry fueled the innovation of ZK technologies due to their minimal transaction size and privacy-preserving nature.

Related: Kraken staking ban is another nail in crypto’s coffin — And that’s a good thing

Know Your Customer, or KYC, is a set of processes and procedures businesses use to verify their customers’ identities. It is also used in the financial sector to assess any potential risks for money laundering or terrorism financing. It is a requirement for businesses to diligently understand their customers before establishing a relationship with them.

Why zkKYC proofs will not work for blockchains

Zero-knowledge proofs, when created, are linked to a wallet address through a signature. These proofs are not publicly discoverable by design. Yet when a blockchain address interacts with a public smart contract that requires such a proof, the proof’s existence becomes public, negating the privacy benefits of a zero-knowledge proof. It is due to the design of smart contracts running on public blockchains that create a publicly discoverable list of all interacting wallets.

A wallet with zero-knowledge proof that does not interact with an on-chain service that requires such a proof avoids the public disclosure of the proof. Yet this wallet can only transact with another proof-holding wallet following a precursor interaction or the involvement of an intermediary. The hidden nature of these proofs requires both wallets to reveal their proofs to one another proactively.

Another issue with zero-knowledge credentials that are prone to change status over time (such as a Know Your Customer good standing) arises from the lack of dynamic updates in available ZK solutions. This absence of continuous status validity necessitates that the wallet holding a zero-knowledge proof will be required to produce a new proof for every on-chain interaction where this proof is required.

It is worth noting that emerging blockchain technologies advance zero-knowledge-enabled smart contracts, keeping the interacting wallet address private. However, the issues around the need for dynamic proofs and the inability for verified-to-verified peer-to-peer transactions remain relevant even with these advanced solutions.

Do not store personal information in a proof

Projects considering zero-knowledge proofs often contemplate producing these proofs about encrypted data stored on a public ledger. However, it is ill-advised to store any personal information on a public blockchain.

Related: A Supreme Court case could kill Facebook and other socials — Allowing blockchain to replace them

These eternal ledgers are not designed for personal privacy, and for such use, they are not compliant with privacy regulations such as the General Data Protection Regulation and California Consumer Privacy Act. A few significant issues relate to the fact that even encrypted data is considered personally identifiable information. Any such information must be deleted upon request according to these privacy regulations.

Because storing personal information on a blockchain furthers non-compliance with privacy regulations, it is not an ideal solution for storing any form of (verified) personal information on-chain.

What other solutions do blockchain projects have?

Due to the limitations that each blockchain is limited to information and data available on that given chain, builders in the space must consider other blockchain native mechanisms. Any credential design that provides a form of compliance must avoid privacy violations and ensure that the final infrastructure meets the necessary identity verification and regulatory requirements. Technology advancements far outpace regulatory progress; however, disregarding these rules hinders the technology’s adoption.

In addition, when proofs alone are insufficient, and personal information sharing between the participants of a transaction is essential, relying only on off-chain solutions is advised. One example includes decentralized identifiers and verifiable credentials. Another option is to employ off-chain zero-knowledge proofs, which provide privacy protection and are suitable for off-chain data verification.

Balázs Némethi is the CEO of Veri Labs and a co-founder of kycDAO. He is also the founder of Taqanu, a blockchain-based bank for people without addresses, including refugees. He’s a graduate of the Budapest University of Technology and Economics.

This article is for general information purposes and is not intended to be and should not be taken as legal or investment advice. The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Crypto scammers are using black market identities to avoid detection: CertiK

The blockchain security firm has uncovered a new tactic used by crypto scammers as the industry continues to improve its fraud detection capabilities.

Crypto scammers have been accessing a “cheap and easy” black market of individuals willing to put their name and face on fraudulent projects — all for the low price of $8.00, blockchain security firm CertiK has uncovered. 

These individuals, described by CertiK as “Professional KYC actors,” would, in some cases, voluntarily become the verified face of a crypto project, gaining trust in the crypto community prior to an “insider hack or exit scam.”

Other uses of these Know Your Customers (KYC) actors include using their identities to open up bank or exchange accounts on behalf of the bad actors.

According to a Nov. 17 blog post, CertiK analysts were able to find over 20 underground marketplaces hosted on Telegram, Discord, mobile apps and gig websites to recruit KYC actors for as low as $8.00 for simple “gigs” like passing the KYC requirements “to open a bank or exchange account from a developing country.”

Pricier jobs involve the KYC actor putting their face and name on a fraudulent project. CertiK noted that most actors are seemingly exploited as they are based in developing countries “with an above-average concentration in South-East Asia” and paid around $20 or $30 per role.

Meanwhile, more complex requirements or verification processes could fetch an even higher asking price, particularly if the KYC actors are residents of countries considered a low money laundering risk.

Some roles paid up to $500 a week if an actor was to play the role of CEO for a malicious project but the KYC actor market was “marginal” compared to the market for already KYCed bank and crypto exchange accounts, according to CertiK.

Crypto to fiat — or vice-versa — conversions were also cited as a significant percentage of the transactions seen on these marketplaces with CertiK calculating that more than 500,000 members in marketplace sizes ranging from 4,000 to 300,000 were buyers and sellers on these black markets.

Related: Scary stats: $3B stolen in 2022 as of ‘Hacktober,’ doubling 2021

CertiK warned that over 40 websites claiming to vet crypto projects and offer “KYC badges” are “worthless,” as the services are “too superficial to detect fraud or simply too amateur to detect insider threats.”

They added the teams behind these websites are “missing the needed “investigation methodology, training, and experience,” meaning these badges are then leveraged by scammers to mislead the community and investors.

That being said, the industry has been working hard and is gaining ground in its fight against crypto scammers. A tool released in October by traditional finance giant Mastercard combines artificial intelligence and blockchain data to help find and prevent fraud.

Contrary to popular belief, the open nature of blockchain transactions means it’s harder for fraudsters to hide the movement of funds. Another recent example has been the work of French authorities using on-chain analysis to find and charge five people who stole nonfungible tokens (NFT) through a phishing scam.

Crypto adoption via regulation: Setting rules for centralized exchanges

While some security issues do exist, major internet outages like the one witnessed across the EU recently cannot really threaten cryptocurrencies or their associated networks.

Centralized cryptocurrency exchanges have become the backbone of the nascent crypto ecosystem, making way for retail and institutional traders to trade cryptocurrencies despite a constant fear of government crackdowns and lack of support from policymakers. 

These crypto exchanges over the years have managed to put self-regulatory checks and implemented policies in line with the local financial regulations to grow despite the looming uncertainty.

Cryptocurrency regulation continues to occupy mainstream debates and experts’ opinions, but despite public demand and requests from stakeholders of the nascent ecosystem, policymakers continue to overlook the rapidly growing sector that reached a market capitalization of $3 trillion at the peak of the bull run in 2021.

Over the past five years, many local and national governments have shown interest in regulating the crypto market but often got perplexed by the vast ecosystem and complexities involved in regulating certain decentralized aspects of the market. As a result, most of the governments that have issued some guidelines or rules related to crypto have done so based on the existing financial regulations, but the evolving market has proven too fast-paced.

Some countries have moved to recognize crypto trading as a legal activity, while others have approved Bitcoin (BTC)-based exchange-traded funds. Many countries have also made way for crypto platforms to operate with a license, but the strict requirements often deter certain small platforms to stay away. As a result, there is no universal blueprint for regulators to adhere to, and experts believe leading centralized crypto exchanges can change that.

In traditional markets, it is perfectly normal for regulators to work closely with industry participants, including exchanges, to ensure that regulations and guidance work well and keep pace with fast-changing technological advances. However, the same can’t be said for the crypto market, as regulators have maintained a safe distance from the nascent industry.

Oliver Linch, CEO of global crypto exchange Bittrex Global, said that the regulators must interact with service providers of the crypto ecosystem to get a better grasp of the industry. He cited the example of Bermuda and Liechtenstein, where the crypto exchange has been working with local lawmakers to make way for positive regulations.

He noted that even though decentralized exchanges continue to remain the flag bearer of crypto’s decentralized ethos, which are thus more complex to regulate, centralized exchanges will be key to major adoption:

“Centralized exchanges have perhaps the most important role to play here. While decentralized exchanges tend to be the ‘poster boys’ for the industry’s cutting edge, they are naturally hesitant to get involved in regulatory matters. In any event, the majority of activity, especially for ordinary retail users (who are front of mind for regulators) happens on centralized exchanges.”

He added that regulating the entire crypto market will follow, but the approach of “Liechtenstein, Bermuda and now the European Union, of regulating service providers, including centralized exchanges, is a good starting place. By properly regulating centralized exchanges, regulators and legislators create a legitimate path for users — from individuals to giant corporates — to get involved in crypto in a safe and regulated manner.”

A Binance spokesperson told Cointelegraph that being a centralized exchange, it needs a centralized entity to work well with regulators.

“Binance believes it has a fundamental responsibility to work with regulators and believes that a well-regulated crypto market provides greater protection for everyday users. We strongly believe that a stable regulatory environment can support innovation and is essential to establishing trust in the industry that will lead to long-term growth,” the spokesperson added.

Centralized exchanges prove to be regulators’ allies

In major economies and developed countries, regulators have not been very keen on involving industry players, but those nations that see the future in the nascent tech have actively partnered and on-boarded leading centralized crypto exchanges to not only help them build the infrastructure but also assist them with formulating right policies for the crypto market.

Binance recently signed a memorandum of understanding with Kazakhstan to help fight financial crimes. The program further aims to identify and block digital assets obtained illegally and used to launder criminal proceeds and finance terrorism. Similarly, Busan onboarded Huobi to develop blockchain infrastructure in the region.

Many countries already regulate centralized exchanges, but there is still a lot of uncertainty about what regimes apply and how they will be enforced. For example, United States-based exchanges operate under licenses from the Financial Crimes Enforcement Network but have been alleged to list tokens and offer financial products (like derivatives, staking and interest-bearing deposits) that fall under the purview of the Securities and Exchange Commission or the Commodity Futures Trading Commission.

The Lummis–Gillibrand bill is considered one of the most comprehensive pieces of legislation proposed on crypto in the United States. South Africa recently classified crypto as a financial product and will be regulating it accordingly. South Korea implemented strict regulations last year that require exchanges to track all transfers to and from their platform, including identifying the owners of wallets. As a result, exchanges there restricted transfers to and from unverified private wallets.

Thus, it is evident from existing regulations that centralized exchanges have become the main point of interaction for not just traders but regulators as well.

Mohammed AlKaff AlHashmi, co-founder of Islamic Coin, told Cointelegraph that regulating centralized exchanges will help in regulating the broader crypto market, explaining:

“Firstly, it’s Know Your Customer and Anti-Money Laundering. I see that most of the exchanges will outsource it to very famous and authentic KYC/AML entities, as it will bring more reliability and trust rather than doing these procedures by exchanges themselves. Secondly, taxation is an important theme when we talk about regulation. Many countries will regulate crypto if they can do the taxation, and I suggest that exchanges will develop the taxation on the crypto transactions and be the one who collects this data and hand it over to the government.”

Habeeb Syed, senior associate attorney at Vicente Sederberg and co-organizer of the Blockchain Technology, Law and Policy Meetup, told Cointelegraph, “Crypto exchanges often determine the winners and losers of the crypto world, as listed on one is an almost surefire way to raise your token price and provide early investors an opportunity for liquidity. Well-thought-out regulation of centralized exchanges could also ripple out into the broader ecosystem.”

He added that regulating crypto exchanges would force legitimate projects to know they can’t engage in certain acts “if they ever want to list a token on say Binance, FTX or Coinbase, which would be a powerful motivating force. With regulated options for trading, staking and lending, actors could choose to forego riskier and unregulated DeFi ecosystems.”

Regulators must proceed with caution

Crypto exchanges play a central role in the vast crypto ecosystem, as they have numerous services and facilities with many trying to become an all-in-one platform. Some experts are of the opinion that, while regulating centralized exchanges can certainly be the first step toward broader crypto market regulations, that is not enough to ensure smooth operations for the whole industry.

Aleksandra Shelepova, head of legal at crypto-backed loan service provider CoinLoan, told Cointelegraph:

“When it comes to imposing regulations to any new and evolving market, everything should be done step-by-step. Moreover, the regulators should have a proper understanding of how this market operates in detail, technological aspects included. Regulation should come from the middle-bottom, meaning the contribution of the market’s participants’ know-how is crucial.”

She added that regulating just the exchanges is not enough since there are many popular and widely used crypto products, including crypto loans, deposits, etc. that must be regulated as well. Expanding regulation to all aspects of the crypto environment ensures a unified understanding of the products themselves.

While monitoring centralized exchanges can definitely pave the way for a better understanding of the crypto market, regulators should refrain from a “one size fits all” formula.

Nicole Valentine, fintech director at Milken Institute, told Cointelegraph that regulators should be more focused on decentralized platforms:

“Just like there is variation in the digital assets themselves, there is variation in the types of exchanges that enable buyers and sellers to trade those digital assets. Although regulating centralized exchanges can be seen as helpful, there are nuances in decentralized exchanges that should be considered, including the use of digital wallets and smart contracts.” 

Centralized exchanges are a key part of the cryptocurrency ecosystem; they are where most new crypto users go to buy their first coins. Many leading centralized exchanges already have strict onboarding and identification procedures in place and would welcome more clarity from regulators on questions such as whether or not digital assets are securities.

Increased regulation for centralized exchanges is a double-edged sword where, on one hand, it would lead to more new interactions and greater adoption, but on the other hand, increased regulation may drive the more experienced crypto users toward decentralized exchanges, something that experts believe regulators would have a hard time dealing with.

Vitalik Buterin ‘kinda happy’ with ETF delays, backs maturity over attention

Sharing his opinion around crypto regulations, Buterin spoke against the regulations that have an impact on the inner workings of a crypto ecosystem.

The co-founder of Ethereum, Vitalik Buterin, believes that the crypto ecosystem needs to mature and be in tune with the regulatory policies that allow crypto projects to operate internally freely.

Sharing his opinion around crypto regulations, Buterin spoke against the regulations that have an impact on the inner workings of a crypto ecosystem.

Considering the current circumstances, he believed it was better to have regulations that allow inner independence to crypto projects, even if it hampers mainstream adoption. Buterin opined:

“I’m actually kinda happy a lot of the exchange-traded funds (ETFs) are getting delayed. The ecosystem needs time to mature before we get even more attention.”

The use of Know Your Customer (KYC) on decentralized finance (DeFi) frontends was another concern pointed out by Buterin. However, he highlighted the need for KYC on crypto exchanges, which has seen wide-scale implementations. According to the entrepreneur:

“It (KYC on DeFi frontends) would annoy users but do nothing against hackers. Hackers write custom code to interact with contracts already.”

In this regard, Buterin made three recommendations, as shown below.

On an end note, Buterin recommended using zero-knowledge proofs to meet regulatory requirements while preserving users’ privacy, stating that “I would love to see rules written in such a way that requirements can be satisfied by zero knowledge proofs as much as possible.”

Related: The Merge brings down Ethereum’s network power consumption by over 99.9%

Google recently added a search feature that allows users to view Ether (ETH) wallet balances by searching their addresses.

Acknowledging the recent Ethereum Merge upgrade, Google embedded a countdown ticker dedicated to Ethereum’s transition from proof-of-work (PoW) to proof-of-stake (PoS) consensus mechanism.

Equifax, known for huge data breach, is building a Web3 KYC solution

Equifax, which suffered a huge data breach in 2017, has partnered with privacy-centric blockchain company Oasis Labs for a decentralized ID offering for Web3 companies.

Credit reporting company Equifax, known for suffering from one of the largest customer data breaches to date, has partnered with blockchain company Oasis Labs to build a Know Your Customer (KYC) solution.

Equifax and Oasis said on Oct. 26 that the latter would be building a decentralized identity management and KYC solution for the industry on Oasis’ platform, which will leverage application programming interfaces (APIs) from Equifax to help with checks and user identification.

The announcement made no mention of the exact technology which will underpin this offering and Cointelegraph’s request for comment was not immediately responded to by either company.

Both firms believe there hasn’t been a KYC solution tailored to Web3 with “strong privacy protection” and their proposed offering is set to address this gap by issuing anonymized KYC credentials to individuals’ wallets.

This credential will be continuously updated according to the announcement and Oasis pledges its “privacy-preserving capabilities” will ensure data is processed in confidence while maintaining a trail on the company’s blockchain.

Web3 firms offering similar solutions based around decentralized identity are Dock and Quadrata with each offering a product built around decentralized identity.

The partnership could have some Web3 natives concerned, considering the significant data breach Equifax suffered in 2017. Around 163 million worldwide private records were compromised, with 148 million being U.S. citizens making it the 13th largest data breach in United States history, according to cybersecurity company UpGuard.

Related: Zero-knowledge KYC could solve the privacy vs compliance conundrum — VC partner

Attackers targeted a third-party web portal with a known vulnerability that was patched, but Equifax had failed to update to the latest version. The hackers gained access to the firms’ servers for around two and a half months, all the while siphoning millions of records containing sensitive information.

It was reported that Equifax spent $1.4 billion on legal fees and strengthening its security posture following the incident. The U.S. Federal Trade Commission and Consumer Financial Protection Bureau issued a $700 million fine in July 2019, which the firm settled.

Kraken crypto exchange is next to close doors to Russian users

Former Kraken CEO Jesse Powell previously warned crypto investors about the risks of holding crypto on a centralized exchange.

Kraken is the latest cryptocurrency exchange to restrict accounts of Russian users on its platform in compliance with sanctions from the European Union.

On Oct. 19, Kraken sent out email statements to its Russian clients to announce that the exchange is halting services to its Russian customers.

“Due to the new European legislation, we have to take measures to restrict your Kraken account,” the company said. According to an email statement seen by Cointelegraph, Russian users would be able to withdraw their funds by request.

“We will update our support center if there are any changes,” Kraken noted, adding: “We apologize for the inconvenience caused.”

Kraken didn’t specify whether there’s a time limit to withdraw the funds from the exchange for Russian citizens. A spokesperson for Kraken told Cointelegraph that the firm complies with the “legal and regulatory requirements in all jurisdictions” of its operations. “Since the EU’s announcement, we have been working to make the changes needed to comply with the latest package of sanctions against Russia,” the representative noted.

The latest restrictions on Kraken are not the first time the exchange has dealt with regulators forcing centralized exchanges to shut down certain accounts.

In February 2022, former Kraken CEO Jesse Powell condemned the Canadian authorities for freezing crypto wallets involved in funding local COVID-19 protests. He explicitly warned the public that Kraken could be forced to freeze some wallets by regulators, advising crypto investors to move crypto out of exchanges.

“If you’re worried about it, don’t keep your funds with any centralized or regulated custodian. We cannot protect you,” Powell said at the time.

Powell also responded to Ukraine’s call to block Russian users’ addresses on crypto exchanges, saying that Kraken would no do that without a legal obligation:

By restricting Russian users on its platform, Kraken joins the increasing number of global crypto exchanges and wallets that stopped servicing Russians in compliance with the latest EU sanctions against Russia.

As previously reported, several crypto firms, including Blockchain.com, Crypto.com and LocalBitcoins, have ceased operations for Russians.

Related: Russian users are welcomed by crypto exchanges in Kazakhstan, but there’s a catch

Bitfinex, one of few exchanges that previously opposed banning non-sanctioned Russians from using its platform, appears to have been forced to comply with sanctions as well.

“We comply with all the regulations under which we are bound and are monitoring this situation closely,” Bitfinex’s senior PR manager, Joe Morgan, told Cointelegraph on Oct. 20. Bitfinex chief technology officer Paolo Ardoino previously recommended that investors use noncustodial hardware wallets to better protect their funds.

The new crypto sanctions are part of the EU’s eighth package of sanctions that were imposed on Oct. 6. The sanctions put a blanket ban on any crypto transactions and payments between Europe-regulated companies and Russian users. The EU initially adopted its first crypto sanctions against Russia in April, limiting Russian users or residents from trading if their holdings exceeded 10,000 euros ($10,000) at the time.

Zero-knowledge KYC could solve the privacy vs compliance conundrum — VC partner

Zero-knowledge Know Your Customer (KYC) would allow businesses to adhere to strict AML/CTF rules while ensuring customer privacy.

As the Web3 industry matures, zero-knowledge Know Your Customer (zkKYC) is becoming more widely discussed as a means to comply with strict financial regulations while maintaining user privacy, according to the partner of a venture capital firm.

In an interview with Cointelegraph, John Henderson, partner at Australian-based venture capital firm Airtree Ventures, said the successful implementation of a zkKYC system would be “great news for both regulators and consumers” and could increase cryptocurrency adoption:

“Institutions and retail users are more likely to participate in DeFi if they can be confident that they are complying with their AML/CTF obligations.”

Henderson explained a zkKYC system would allow users to prove certain things about themselves to service providers without having to divulge personally identifying data such as their names or identification documents.

In theory, the sharing of that information would be enough to satisfy Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) regulatory requirements placed on the crypto industry:

“[The system] involves a trusted third party validating my personal information and then issuing a cryptographic proof to my personal wallet, which I could then choose to share, or share attributes of, with financial service providers.”

The benefit of such an approach is that no personally identifying information could be leaked in the event of a security breach of a service provider such as a crypto exchange, Henderson claims, with the identification documents only recoverable when required by authorities.

Many in the crypto community have been critical of the way their personally identifiable information has been handled by some crypto platforms.

Recently, the community shared their concerns after court documents published on Oct. 5 publicly disclosed the personal information and transaction history of thousands of Celsius customers, with some warning they could be used to dox users.

Calls to improve privacy for individuals were also loudly sounded at the September Converge22 conference in San Francisco. 

Jeremy Allaire, CEO of stablecoin issuer Circle, expressed the need for “advancements” in technologies that prove identities and credentials while simultaneously ensuring individuals’ privacy.

Related: Are decentralized digital identities the future or just a niche use case?

Henderson however admitted that “storage of sensitive information is still an unsolved problem,” sharing two ideas on how the management of such information could take place:

“One idea would be to have trusted entities hold identity documents off-chain and port proof of identity on-chain, without the original documents. Another idea is to sign a wallet transaction with a regulatory institution, who would then register that account with an identity.”

Despite the challenge, Henderson was adamant a zkKYC protocol will form the “building blocks of on-chain reputation scores” allowing “more useful” financial products and services.

“My priority is onboarding the next hundred million users to crypto,” he said, “If we want to achieve internet scale, we need a solution for AML/CTF compliance.”

Airtree Ventures led a $4.7 million seed round into ReputationDAO on April 13, a decentralized autonomous organization that aims to provide a financial reputation and identity service for decentralized finance (DeFi).

Are decentralized digital identities the future or just a niche use case?

Are decentralized digital identities the future or are they a niche use case for blockchain technology doomed to solely be used by crypto natives?

As users take advantage of online services and explore the internet, they eventually create a digital identity. This type of identity is then tied to central entities like Google and Facebook, which make it easier to share data with new services through simple sign-in buttons.

While these digital identity management systems are convenient, they are relying on centralized intermediaries that hold and control user data. Personal identifiers and attestations are in their hands, and they can decide — or be forced — to share this information with other parties.

Blockchains offer a solution: decentralized digital identities. These allow individuals to manage information related to their identities, create identifiers, control who they’re shared with and hold attestations without relying on a central authority, like a government agency.

A decentralized identifier for a decentralized identity can take the form of an Ethereum account. Users can create as many accounts as they want on the Ethereum network without anyone’s permission and without anything being stored in a central registry. Credentials on the Ethereum blockchain are easily verifiable and tamper-proof, making them extremely trustworthy.

Other use cases are out there. In August 2022, Binance catapulted the decentralized identity debate to social media platforms after moving to launch its first soulbound token, BAB, serving as users’ Know Your Customer (KYC) credentials.

Whether decentralized identities are the future of online activity remains to be seen.

Managing decentralized identities

Speaking to Cointelegraph, Witek Radomski, chief technology officer and co-founder of nonfungible token ecosystem Enjin, revealed he sees a future in which the metaverse will see a “blend of social media networks, email, crypto wallet addresses, and decentralized applications,” suggesting there will be a mix of digital and decentralized identities.

Per Radomski, the key to identity management will be the “preservation and protection of sensitive information,” as different networks have “distinct technical methods to track digital ownership of data.”

Recent: Vietnam’s crypto adoption: Factors driving growth in Southeast Asia

Radomski added that individuals entrusting protocols with their personal data should consider that big business decisions will be made based on an enterprise’s needs and philosophy, adding:

“The ownership of digital assets mimics asset possession in the physical world. Assuming that owners are operating within the bounds of the law, blockchain-enabled digital ownership cannot be interfered with by the government.”

He added that decentralized identities will play a role in preserving individuality, which will “depend on proving that you’re not a bot” and will have online activity as one of the “most compelling testaments to demonstrate this.”

The potential of decentralized identities

Managing digital identities is a challenge, as one mistake can easily lead to a breach of personal information. Centralized entities have been known targets, with a recent case seeing the personal data of Portugal’s president stolen in a cyberattack. The use of decentralized identities eliminates this risk, as only the users are responsible for their data.

Speaking to Cointelegraph, Dmitry Suhamera, co-founder of IDNTTY — a decentralized public infrastructure layer enabling a decentralized identity approach — said that centralized digital identity providers “compete with each other, which actually hinders widespread adoption,” as in the end, “the user needs an ID for government services, an ID to interact with a bank, an ID to work with a cooperation.”

Real-world use cases have seen digital identity programs’ adoption slow down shortly after launching, with Suhamera using Gov.UK Verify in the United Kingdom, which saw less than 10% of the population signing up, as an example. Nigeria’s adoption of eID, Suhamera added, stalled in 2017 amid issues with public-private partnerships used to launch the program.

Per Suhamera, centralized digital identity solutions tend to “be quite expensive and offer an inconvenient monetization model” as users have to buy and pay for national IDs before using them digitally.

Cross-border uses of digital IDs are also complex, Suhamera added, as corporations and regulators have to line up bureaucracy, which can be a slow process. Suhamera added:

“Decentralized ID allows for the creation of a distributed ‘cheap,’ easy to integrate repository of personal ID (for which only the user is responsible) with which any service can integrate, from KYC providers and digital signatures to any online or identity services.”

While decentralized identity can make identifiable information more portable while keeping it safe, centralized entities managing digital IDs “tend to provide a set of services at once,” boosting user experience.

Decentralized identities have a number of use cases, including the potential for universal logins across a number of applications without the use of passwords. Service providers can issue attestation tokens granting users access to their platforms after a single sign-up, for example.

Binance’s soulbound token shows that user authentication and KYC is also a possibility on the blockchain through the use of non-transferable tokens. Because these tokens aren’t transferable, voting through the blockchain without manipulation is a real possibility.

Security concerns

While decentralized identity management does appear to have significant advantages, the technology does not come without its drawbacks. For one, self-sovereignty means it may not be the most user-friendly approach.

Speaking to Cointelegraph, Charlotte Wells, communications manager at crypto platform Wirex, said digital identities have been around for some time, although blockchain-based digital identities will “be a game-changer in the future web 3 due to their decentralized nature.”

Wells pointed out that the amount of user data stored online is steadily growing, creating “huge security concerns over how this data will be stored and who will have access to it.” She pointed to data breaches at Facebook, which exposed the data of millions of its users. Per her words, decentralized digital identities will be “vital in allowing us to have ownership and control over our credentials.” Wells commented:

“Self-sovereign identities use blockchain technology and zero-knowledge proofs to store digital identities on non-custodial wallets – the biggest advantage being that users have complete control over this and decide what companies, apps and individuals have access to this data.”

She added that there are drawbacks: One important role of centralized entities is “enforcing standards of regulation, giving users and businesses the reassurance they need to work on the web.” Without these central authorities, Wells concluded, there may not be the same level of protection for decentralized identities.

Zero-knowledge proofs are a way of proving the validity of a set of data without revealing the data itself. This technology, paired with decentralized identities, could mean users can prove who they are while under pseudonyms, ensuring their security isn’t affected.

Recent: Institutional crypto custody: How banks are housing digital assets

To Fabrice Cheng, co-founder and CEO of Quadrata, blockchain-based digital identities are going to change the concept of digital IDs and create new use cases for the Web3 space. Speaking to Cointelegraph, Cheng noted that it is still important to be mindful of what’s shared, noting that people should “be aware o their behaviors on the blockchain.”

With the Ethereum blockchain acting as a global directory for decentralized identities of users who choose what they share and are in control of their data, it’s hard to imagine a scenario in which crypto-native users wouldn’t prefer this alternative. Non-crypto native users, however, may prefer to keep using centralized providers and share their data, at least until the user experience becomes as simple.

Enhanced KYC checks can be a win-win for crypto exchanges and consumers — here’s why

Adopting more stringent Know Your Customer (KYC) checks can give crypto exchanges a competitive edge over those that meet minimal standards.

Trulioo

Crypto is a fast-moving sector where new trends — decentralized finance and nonfungible tokens among them — accelerate in the blink of an eye. And as demand for digital assets grows, the need for regulation grows too. 

Anticipating those regulations and having the systems in place for future compliance can position crypto exchanges as industry leaders. Those that do the bare minimum risk falling behind as customers turn to more trusted options.

Exchanges, though, can adopt a substantial role in setting the regulatory tone by taking the initiative to go beyond compliance and better protect their users. That can help a business build a reputation for security and deliver a compelling point of difference from the competition. More than that, it can show regulators how policies can work in practice.

The business case

Prioritizing adaptable, futureproof solutions can make it easier for exchanges to expand quickly into new markets. It can help them control operating costs, reduce risks and enhance the customer experience.

Beyond helping crypto exchanges achieve compliance, identity verification technology that draws from hundreds of global data sources can accelerate onboarding, offering the right balance between security and friction. Onboarding customers quickly and safely can give exchanges the competitive edge they need in a market that gets more crowded with every crypto bull run.

Trulioo, an identity verification service that enables exchanges worldwide to quickly and securely onboard customers, is helping crypto platforms achieve their full potential in a constantly shifting market.

Fast, accurate digital identity verification can help exchanges build trust and safety while quickly expanding their customer base, the company says. Enhanced Know Your Customer (KYC) checks can help exchanges scale more quickly. By knowing exactly who their customers are and establishing the provenance of funds, exchanges can position themselves to adapt to future regulation changes.

“Regulation is a hot topic in the crypto space and one of the reasons we’re seeing so many crypto exchanges looking to partner with us,” Trulioo CEO Steve Munford told Cointelegraph. “Working with a platform such as Trulioo can help exchanges stay ahead of the curve and remain compliant while preparing for tighter regulations that might be on the horizon.”

How does enhanced KYC work? 

Conventional KYC measures can limit the number of people an exchange can verify, especially if it requires a passport, driver’s license or bank account. By contrast, Trulioo offers validation in more than 195 countries and against more than 400 reliable data sources — including mobile networks, credit bureaus, banks, governments and business registers. It’s also possible to authenticate new users with the help of a selfie.

Trulioo recently acquired the no-code orchestration solution HelloFlow to accelerate digital onboarding and unveiled major product updates that include document-free proof of address verification. In another significant development, company executives said they achieved unicorn status after a $394 million Series D funding round.

Trulioo wants to help exchanges navigate the choppy waters of regulation now and in the future with fast, secure and accurate KYC and Anti-Money Laundering crypto checks.

That approach can help crypto businesses bolster their infrastructure to ensure they’re ready when the next bull run brings a new wave of customers to exchanges.

Learn more about Trulioo

Disclaimer. Cointelegraph does not endorse any content or product on this page. While we aim at providing you with all important information that we could obtain, readers should do their own research before taking any actions related to the company and carry full responsibility for their decisions, nor can this article be considered as investment advice.

Are Bitcoin transactions anonymous and traceable?

Bitcoin transactions are easily traceable through blockchain explorers but do not directly reveal the identities behind Bitcoin wallet addresses.

Should I share my Bitcoin address publicly?

It is not a problem to share public keys, but make sure the private key cannot be found by third parties. Transactions can be sent to the public key, which is completely secure.

It is safe to share your Bitcoin address publicly. This way, it is possible to safely complete donations or payments. No cryptocurrencies can be stolen through a public address. The only way by which stealing crypto is possible is if someone has managed to get hold of the private keys.

Bitcoin wallets always make a difference between public keys and private keys. A public key can be compared to your email address. Anyone can send emails to it, but only the owner of the email address can read them. With a cryptocurrency address, this is no different since others can use this address to send crypto, and the owner of the address is the only one who can use the digital asset.

The private key is the password to enter the wallet. It is important that this unique code is kept in an offline place where no one can access it. Sharing personal data, such as the private keys and the wallet password, with others can cause the wallet in question to be emptied. Therefore, only share the public key if necessary and keep the other codes in a safe place.

Purchase a licence for this article. Powered by SharpShark.

Can you have an anonymous Bitcoin wallet?

Anonymous Bitcoin wallets exist, but be careful while handling them. You can reveal your identity, which defeats the purpose of the wallet.

It is certainly possible to have an anonymous Bitcoin wallet. However, a wallet alone is not enough to ensure this anonymity. When someone makes several transactions, an identity can be linked to a wallet where this information is known. Due to the tightened KYC rules for exchanges, it seems to be increasingly challenging to conduct transactions in a completely anonymous way.

Nevertheless, there are Bitcoin wallets that allow you to operate completely anonymously. The Electrum wallet is an example of this, which can also be integrated with a hardware wallet. Before making the choice to use an anonymous wallet, it is useful to first consider how Bitcoin will get on this wallet. When BTC is sent from an exchange with KYC, the anonymity is already gone.

What are the challenges in tracking a Bitcoin address?

It can be difficult to track Bitcoin transactions when people use various wallets and Bitcoin mixers. These factors disrupt the search process and take up a lot of time.

Despite the fact that it is challenging for users of a Bitcoin wallet to conduct transactions completely anonymously, there are several ways to get close to anonymity. For example, it is possible to use a cryptocurrency mixer.

In this case, it is a Bitcoin mixer, which ensures that it is more difficult to make Bitcoin traceable. This is done by mixing BTC transactions from different people together in a pool, then sending the transactions to the intended addresses.

In addition, wallets can also be very difficult to monitor. If someone does not want their activities on the Bitcoin network to be traceable, it is possible to create a sort of smoke screen. By creating many crypto wallets and carrying out various transactions between these wallets, it can be more difficult for anyone to trace transactions and wallets.

Both challenges are difficult on their own, but combining them can make tracking Bitcoin addresses a lot more difficult. Tracking transactions and wallets will take an enormous amount of time and energy.

Can you search for a Bitcoin wallet address?

It is possible to search for a Bitcoin wallet address through a Bitcoin explorer. However, finding a crypto address does not mean that you also know the identity behind it.

When you don’t have any identifying information that goes with the Bitcoin wallet, it’s hard to search. Through a blockchain explorer, it is easy to find transactions and addresses, but it can take a lot of time to find out the identity behind a wallet address.

Because someone’s wallet address does not have to be anonymous but can be hard to find, a Bitcoin wallet address is called a pseudonym, an alias, which is different from someone’s actual name. The data is not linked to an identity, but it is still possible to trace someone’s identity or a pseudonym.

How are Bitcoin transactions traced?

With increasing legislation and surveillance, governments can trace fraudulent BTC transactions more easily by finding the identity behind a Bitcoin wallet address.

In recent years, millions in cryptocurrencies have been seized by various governments worldwide. Criminals saw the opportunities that blockchain technology has to offer and tried to buy cryptocurrencies such as Bitcoin as anonymously as possible.

Ultimately, this did not work out well for many fraudsters and it can be stated that Bitcoin transactions are not fully anonymous. These events have helped to tighten legislation in this area and intensify the search for fraudulent transactions.

When trading from Bitcoin wallets whose identity is not known, transactions can be traced quickly, but it can take time to find out the identity. When someone wants to exchange their cryptocurrencies for United States dollars, it already becomes a lot easier to trace the identity of the wallet owner and trace back the transactions.

What makes Bitcoin traceable?

Bitcoin transactions are traceable because Bitcoin’s blockchain is completely transparent and every transaction is publicly stored on a distributed ledger.

Since 2013, various studies have been looking into tracking Bitcoin transactions and their associated identities. Although it is possible to create a certain form of anonymity with cryptocurrencies, it is difficult to send transactions completely anonymously via the Bitcoin blockchain. Blockchains remain fully open and accessible to everyone.

Thanks to the transparency of the blockchain, it is possible to easily track money flows. If the identity behind a wallet address is known, then the transactions made can be traced back and traced in the future. All these transactions can be viewed in detail. In this way, it is possible to see which amount was sent, but also on which date and to which wallet.

Can you trace a Bitcoin transaction?

Through blockchain explorers, one can easily track Bitcoin transactions, but it is becoming increasingly difficult to conduct Bitcoin transactions anonymously.

It is certainly possible to trace a Bitcoin (BTC) transaction. Bitcoin explorers allow you to map activity on the Bitcoin blockchain. Thanks to this transparency, transactions are traceable and you can think of the blockchain as a kind of open database full of Bitcoin transactions.

Other cryptocurrencies like Ether (ETH) and Solana (SOL) also have their own blockchain explorers called Etherscan and SolScan. In all these explorers, you can find information about the transactions on the blockchain, such as how much crypto was sent and which addresses were involved in the transaction. Despite the transparency of the blockchain, many people think that you can still make Bitcoin transactions anonymously.

However, more and more countries are implementing Know Your Customer (KYC) rules, which require you to reveal your identity on centralized trading platforms. By disclosing your identity, it becomes a lot easier for the government to discover what transactions you have carried out and to see what is in your Bitcoin wallet.

To be able to trade on a central exchange, personal data will have to be supplied to the exchange. Bitcoin addresses can therefore be linked to personal data. Since the data of previous Bitcoin transactions is not deleted, it is always possible to view past transactions.