INTRODUCTION
Some services and individual tokens are open for unverified use by all. But to comply with regulatory authority, certain services and tokens require KYC (Know Your Customer), without which you are shut out of a plethora of financial vehicles present.
How would Decentralized KYC Checks work? Well, just imagine a scenario where you identify yourself once for a KYC Check and receive an on chain certificate which provides KYC authentication for all your KYC required future transactions. A 'once and done' system. Instead of the hassle of re-KYCing yourself for each and every service you KYC once then use the certificate in place of KYC for all subsequent services utilized.
DISCUSSION
So just how does the Decentralized KYC system help keep users data safe? There would be only one point of entry of the users data into the system. The risks associated with re-entering basically the same user data across multiple platforms is eliminated and replaced with the Decentralized KYC certificate where the user data is entered once.
The existing system in the cryptocurrency financial space requires identity verification multiple times for each individual service a user wishes to utilize. While each one of these individual services performs KYC in a slightly different fashion, nonetheless, either the users passport or government identification is uploaded into each individual service. Given the current reality of the state of the cryptocurrency economy, probably at least half of the services holding your identification in its computers will go bankrupt or otherwise cease operations. So the question remains where does the users identity information wind up and what nefarious actor may repurpose the information to accomplish his/her evil deeds. The Decentralized KYC system removes this possibility.
In a blockchain based, decentralized KYC system, the users identity would operate in the same function as a token. The identity would only be sent (and received) with its owner's consent and permission. The decentralized identity created would have verifiable credentials where each user would have a decentralized identifier to be signed by private key. The private key would be used to verify the credential came from the intended user. A hash would be created on the blockchain constituting verifiable proof the credential is true. When the hash is shared the user self authenticates and proves it was signed at a specific time.
The inclusion of zero-knowledge proofs into the Decentralized KYC system would greatly enhance the systems protections. The use of zero-knowledge proofs permits the breaking apart of one's identity permitting the system to share only the specific required identity components with the needed differing platforms. By way of example, an Exchange requires KYC proving only the user is 18 years of age or older. However, providing the user's passport or government identification gives the exchange more information than required (e.g. user's address, height, weight, picture, etc.). However by using Decentralized KYC with zero-knowledge proofs enabled, the user could just share the age data point with the Exchange. The age data point would have a hash attached to it, which mathematically proves the information to be true, thereby satisfying the KYC required for the Exchange.
As such, a user's complete identity would not be shared to all platforms in the Decentralized KYC system. Just the specific required data would be supplied on an individual 'case by case' basis to verify the user to utilize a specific service.
An additional protection associated with the use of Decentralized KYC is that the system permits user's to keep their identification data stored 'locally'. This 'localization' of identification data could render KYC data leaks past history. As the decentralized system gains traction and becomes the way more companies use the identification information, it becomes virtually impossible to hack a user's personal data. As the user's personal data is 'localized' and absent from the companies centralized servers, the nefarious hacker would find no information if the server is hacked because the information simply is not there.
CONCLUSION
Basically, the move toward a Decentralized KYC system is a move toward a safer ecosystem absent centralized servers. The protections and safety present in such a decentralized system, clearly, in this writer opinion, is a step in the right direction for consumer safety in the cryptocurrency environment. Please note that this is one man's opinion and should not be deemed as advise for any investment purpose.
I am merely an ordinary small investor who likes to share what I've learned and found interesting. Please take a few minutes and check out my other published articles. I am not in any way a financial advisor and as such, do your own research before investing. If you enjoyed this article please like it, comment and/or tip. Feedback is always welcome here.
https://eprint.iacr.org/2020/934.pdf
https://www.fanzhang.me/publication/candid/
Yep, honestly I just can't wait for KYC that can actually be done safely. It can't come soon enough. This will be able to be used in such a wide variety of ways it's kind of insane.