Skip to content

How zero-knowledge KYC could resolve the conflict between privacy and compliance

Zero-knowledge Know your customer (KYC) would enable firms to uphold stringent AML/CTF regulations while protecting customer privacy.

Photo by Charanjeet Dhiman / Unsplash

According to the partner of a venture capital firm (1), zero-knowledge know your customer or zkKYC (2) is getting greater attention as the Web3 business matures as a way to adhere to stringent financial rules while preserving user privacy.

John Henderson (3), a partner at the Australian venture capital firm Airtree Ventures, believes that the successful adoption of cryptocurrencies would be boosted by the successful implementation of the zkKYC system, which would be wonderful news for consumers as well as regulators.

If institutions and retail users feel they are meeting their AML/CTF obligations, they are more inclined to participate in DeFi (4). Henderson added that a zkKYC system would enable users to demonstrate certain facts about themselves to service providers without disclosing personally-identifying information like their names or identification documents.

While in principle, sharing that information would be sufficient to meet the regulatory obligations set for the cryptocurrency business regarding counter-terrorism financing and anti-money laundering.

A responsible third party verifies the user's personal information as part of the system before issuing cryptographic proof for the user's wallet. The user can then share or not share certain attributes with the financial service provider.

The main advantage of this strategy is that identification documents can only be recovered when needed by authorities, meaning that in the event of a security compromise at a service provider like a crypto exchange, no personally identifying information might be exposed. Many cryptocurrency worlds have criticized how some crypto platforms have handled users' personally identifying information.

In a recent incident, the community voiced its worries after court records released on October 5 revealed thousands of Celsius customers' data and transaction history, along with some warnings that "dox" users could utilize these. While the San Francisco Converge22 conference (5) in September heard vociferous pleas for enhancing personal privacy,

The CEO of stablecoin issuer Circle (6), Jeremy Allaire, argues that there is a need for technological improvements that guarantee people's privacy while still proving their identities and credentials. Henderson offered two suggestions for managing such information, although she acknowledged that the challenge of storing sensitive data remains unresolved.

One concept is for trustworthy entities to retain identification documents off-chain and to move proof of identity without the original documents onto the blockchain. Another proposal is to sign a wallet transaction with a regulatory organization, which would subsequently register that account with an identity.

Henderson insisted that despite the difficulties, a zkKYC protocol will serve as the foundation for on-chain reputation scores that will enable more useful financial products and services. Henderson also stated that onboarding millions of users to cryptocurrency is a priority because achieving this internet scale requires an AML/CTF compliance solution.

Latest