You’ve probably heard of KYC (Know Your Customer), or experienced it first hand when you signed up for an account at a financial institution. It’s the process in which a bank, for instance, verifies that you are who you say you are—typically by asking for identifying documents and other relevant personal information.
KYC is a subset of anti-money laundering (AML) and countering the financing of terrorism (CFT) obligations that many firms must deal with. Originally, these regulations were designed for financial institutions but over time, the scope has expanded to other industries as well such as healthcare, fintech, and even the nonprofit world.
International standards are set by the Financial Action Task Force (FATF) but local rules can vary by jurisdiction.
The purpose of KYC (and AML and CFT) is straightforward. It’s about keeping real customers safe and keeping the bad guys out of the system. These are good things!
In practice, however, traditional approaches to KYC create a host of issues:
- They’re exclusive. People who don’t have access to traditional identifying documentation will have trouble accessing basic financial services. Migrant workers, for instance, might not even have a home address. According to the World Bank, 1.7 billion people still lack access to a bank account.
- They’re expensive. KYC and compliance represents a huge barrier of entry for new companies who not only need to implement systems for identity verification but must also now manage all of that user data in a private and secure way. Which leads us to the next point.
- They create honeypots for hackers. It’s no secret that data breaches have risen astronomically over the last ten years as more and more industries have gone digital. Each time you are asked to verify your identity, your personal data and information is now stored in yet another server somewhere, which becomes a target for criminals. Many of these companies don’t specialize in data security.
- They’re ineffective. This is the saddest part. Despite the best intentions, KYC is often ineffective at catching or deterring the bad guys. This is inherent to how the system operates today. Data is siloed because institutions hold data in their own proprietary system, and these systems don’t talk to each other. A criminal could try to infiltrate one institution with a synthetic identity. If that doesn’t work out, they still have all the other ones to try. Those other institutions would be none the wiser.
These are major issues! The cold hard truth is that we won’t be able to even begin addressing them without fundamentally rethinking how our identity systems work from the ground up.
But if you’re reading this blog post, you likely already know that new approaches already exist. These approaches were designed from the ground up with the digital world in mind—versus the legacy and often paper-based systems that they will ultimately replace.
By leveraging portable and reusable digital identities, financial institutions and other organizations can cover more people around the world, reduce their costs, and create a more seamless and convenient onboarding experience for their users.
These solutions were designed with privacy and security in mind. And because the user owns their data and no longer has to redundantly share it each time they want to sign up for a new service, there’s less targets for hackers.
Reusable identities also drastically reduce the barriers to entry for new companies. Which means that companies can focus on what they do best: building great products and services.
Best of all? They’ll be much more effective at keeping the bad guys out.
That’s the point, anyway, isn’t it?
If you’d like to learn more about GlobaliD, contact our sales team or follow us on Twitter, LinkedIn and YouTube.
You might also like:
- Part 1: What a smart and humanistic approach to digital identity would like
- Part 2: The Trust Triangle — the system of issuers, holders, and verifiers that illustrates how identity works (and how it’s broken, today)
- Part 3: Why the ID Wallet is the first step toward achieving a new vision for digital identity
- Part 4: Why every company is an identity company
- Part 5: What is Bring Your Own Identity?
- Part 6: Reusable Identity
- Part 7: Device-based identity
- Part 8: Selective sharing
- Part 9: Non-custodial wallets