Know-your-customer (KYC) solutions are becoming increasingly important for crypto companies, financial services firms, and institutions.
Grand View Research found that the global KYC software market size was valued at $2.93 billion in 2021. The number is expected to expand at a compound annual growth rate (CAGR) of 20.8% over the next six years.
Grand View Research’s report further noted the growth of the KYC market, which can be attributed to the importance of compliance management and the rising number of identity-related frauds in financial institutions. The rise of deep fakes and artificial intelligence (AI) related scams is also leading to greater KYC adoption.
The Problem With Traditional KYC Solutions
While KYC is an important requirement, the process is often a burden for both users and businesses.
Riley Hughes, Co-founder and CEO of digital identity startup Trinsic, told Cryptonews that users undergoing KYC typically have to provide a photo of themselves, along with an identification document.
As KYC becomes more common, Hughes pointed out that users typically have to repeat this process multiple times.
“A person will likely have to perform KYC about ten different times across multiple apps and platforms,” said Hughes. “But statistics show that asking users to verify themselves using a photograph of a plastic ID card results in as much as 40% drop-off.”
Vishal Kapoor, Chief Operating Officer of blockchain technology firm Chia Network, further told Cryptonews that KYC is expensive to implement.
A recent article from Betanews mentioned that KYC measures amount to 40% of all anti-money laundering (AML) compliance costs, totaling $5.7 million yearly for banks.
Reusable KYC Gains Traction
Given these challenges, reusable KYC solutions have started to gain traction.
“Reusable identification, or KYC, allows users to leverage past verification instead of having to re-verify themselves across platforms,” said Hughes.
To put this in perspective, Hughes explained that Trinsic recently launched an “identity acceptance network” that enables reusable KYC.
“Businesses can now use Trinsic to verify 60,800,000 people 10 times faster than a from-scratch identity verification, while also reducing fraud,” he said.
Today Trinsic is launching the first identity acceptance network in partnership with dozens of world-class identity providers including @Clear, @getyoti, @enterIDVerse, @AirsideHQ an Entrust Company, and @dentityme.
Businesses can use Trinsic to verify 60,800,000 people 10x… pic. .com/3Z3p3l0hRs
— Trinsic (@trinsic_id) May 21, 2024
Hughes explained that businesses including CLEAR – the technology company that operates biometric travel document verification at major airports – along with others, have partnered with Trinsic as part of the identity acceptance network.
“The objective behind this network is to get users KYC verified as fast as possible to meet the business risk threshold,” he said. “If users have already been verified by a business in the network, we try to route other businesses in the network to that verification.”
For example, if a CLEAR user possesses a CLEAR verification, they may use this again for other platforms within the identity acceptance network.
Blockchain for Reusable KYC
While reusable KYC solutions can save users and businesses time and money, adding blockchain to the mix enables users to own their personal information and data.
For example, identity technology company Dentity is part of Trinsic’s identity acceptance network. Dentity CEO Jeffrey Schwartz told Cryptonews that the platform stores users’ credentials on the Bitcoin blockchain.
“We store decentralized identifiers (DIDs) on-chain to verify the authenticity of issuers,” said Schwartz. “The only thing that needs to be on-chain is what is required to verify a credential.”
Chia Network is also doing this. According to Kapoor, Chia’s verifiable credentials (VCs) allow a KYC provider to perform KYC by issuing a verifiable credentials token on-chain.
“This enables service providers, such as Dapps, to verify that a user has undergone KYC verification with a trusted KYC provider — without requiring the user to reveal any personal information,” he said.
Kapoor explained that people are seeking better protection of their personal information as identity scams rise. Panda Security statistics show that over 10 billion personal records have been exposed globally due to data breaches since March 2020.
“Using VCs and DIDs on-chain, the individual can custody their own VC and decide to whom it can or should be shared, without risk of oversharing or data exposure,” Kapoor mentioned. “This also decreases the external touchpoints with their sensitive personal information.”
Blockchain Protects User Data
While it’s notable that reusable KYC is gaining traction, a number of concerns linger. For instance, a recent Reuters article pointed out that criminals can still quickly exploit automated KYC checks, putting a user’s information at risk.
Storing data on-chain seeks to solve this problem. For example, Deloitte Switzerland began issuing reusable KYC credentials last year to enable access to global fundraising of digital assets. Polimec, a decentralized funding protocol developed on Polkadot, has partnered with Deloitte Switzerland to enable this feature.
.@DeloitteCH-powered, @Web3foundation-sponsored, @Kiltprotocol Credentials. Ready to be used on @PolimecProtocol https://t.co/LK3Jw31bDQ
— fabi (@FabianGompf) April 29, 2024
Luca von Wyttenbach, the co-founder of Polimec, told Cryptonews that a KYC credential enables users to establish a digital self-sovereign identity by validating their data once they have had Deloitte.
“After Deloitte has issued a KYC Credential, which is kept under a user’s control, they will be able to use it with different online services, the first being Polimec,” said Wyttenbach.
He added that the website or service provider can rely on the shared data since it has been approved and certified by Deloitte.
“This means that users only have to share the minimum necessary data about themselves,” he remarked.
Wyttenbach further explained that Deloitte’s KYC credentials are anchored on the KILT Protocol. He noted that Deloitte conducts customers’ KYC and is the only party receiving and storing that data. Next, the data is created into a KYC Credential, which is hashed and stored in the user’s Deloitte wallet.
“The hash is anchored on KILT, meaning that no personal information is stored on-chain. Users get to verify their data against the hash by presenting their credentials,” Wyttenbach said. “ In short, the credentials are pseudonymous – hence, all transactions and network participants on Polimec can be processed in a regulatory compliant and secure manner while preserving data privacy.”
Challenges May Hamper Adoption
While reusable KYC solutions on the blockchain are currently being used, challenges are still present.
For instance, Julian Leitloff, Co-founder of the decentralized identity platform idOS Network, told Cryptonews that encouraging widespread adoption of reusable KYC solutions among users and service providers is a major hurdle.
Echoing this, Schwartz remarked that Trinsic’s Identity Acceptance Network requires collaboration.
“The idea behind this is that we all share user credentials,” he said. “I hope this collaboration will allow us to achieve that, but interoperability is key here.”
Hughes is aware of this challenge. He shared that Trinsic’s Identity Acceptance Network currently covers over 60 million users, yet he believes that the platform needs to move forward aggressively.
“Everyone in the EU will soon have access to a digital identity wallet,” said Hughes. “We will need to implement the same standards moving forward.”
In addition, Leitloff pointed out that another major challenge around reusable KYC includes ensuring privacy and data security.
“As user data must remain private and secure even when shared across multiple platforms,” he said.
To address these challenges, Leitloff explained that idOS is implementing advanced encryption techniques such as Zero-Knowledge Proofs (ZKP) and Secure Multi-Party Computation (MPC) to protect user data.
“Promoting the use of standardized identity formats like W3C Verifiable Credentials ensures consistency and interoperability,” he said. “Utilizing decentralized storage networks will also enable data availability and reduce the risk of centralized points of failure.”