It is a well-established fact that credential theft is the most common attack vector cybercriminals use to defraud consumers. In fact, globally financial institutions spend hundreds of billions of dollars a year on anti-money laundering compliance and technology solutions that help protect and authenticate consumer identity (I.e., identity proofing, biometrics, and multi-factor authentication to name a few).
Creating and implementing effective customer identity verification processes is essential to reducing the risk of fraudulent transactions and ensuring regulatory compliance.
One such approach is to share information among banks and governments through a multi-step model called Know Your Customer (KYC) – which may involve a central database maintained by a consortium of banks like Swift whereby consumer data is used to verify their identity and identify any potential risks of doing business with them. self-sovereign identity (SSI) is a new decentralized identity model that can help banks to solve the existing challenges of sharing KYC information securely and cost-effectively.
With decentralized KYC, the customer can be issued a KYC verifiable credential that can be cryptographically verified and stored on the customer’s mobile wallet. Verifiable credentials are trustworthy, tamper-proof, and machine-verifiable digital identity documents. The verifiable credentials can be issued by KYC providers and verified by other service providers for authenticity and ownership. The customer may proactively trigger issuance of such credentials or as part of an existing KYC process. KYC verifiable credentials provide a strong benefit to all involved – a seamless customer experience, as well as a simplified and more cost-effective processes for banks and service providers.
A lot of progress has been made in recent years in the field of self-sovereign identity:
- Ratification of standards like W3C VC, and DID
- European Blockchain Services Infrastructure (EBSI) framework matured with POCs and pilot projects under way
- eIDAS 2.0 close to being released
- British Columbia Government launches VON (Verifiable Organizations Network)
- Increased number of SSI networks all around the world
eIDAS 2.0 will mandate business and government organizations within the EU to accept decentralized identity verifiable credentials stored in digital wallets. KYC providers must ensure they are ready to integrate with the EBSI framework.
Benefits for all when KYC verified credentials are implemented
Incremental deployment of AI/ML technology has enabled online KYC checks that provide a significant improvement over the manual KYC process. With the manual KYC processes, a considerable amount of time and resources are spent on reviewing checks for the same user repeatedly.
Imagine a user onboarding experience using a verifiable KYC credential as follows:
- Customer visits service provider website
- Customer scans a QR code with their mobile wallet
- A secure encrypted channel is established between the mobile wallet and website
- Service provider requests KYC credentials
- Customer consents to sharing their verifiable KYC credential
- Service provider website lets them in
And this process only takes a few seconds!
The reusable nature of KYC verifiable credentials and user control of their own data lends itself nicely to an exceptional user experience and builds confidence around privacy. Additionally, the reusable KYC credentials enhance business process efficiency and reduce costs.
Repeated cost of passport and driver license scans, facial recognition, and liveness detection for KYC can add up and impact the P&L significantly. With KYC verifiable credentials, the cost is reduced significantly, and that financial benefit can be passed on to the banks by KYC providers while maintaining higher margins.
As decentralized verifiable credentials are stored in mobile wallets, there is significantly reduced risk of data being stolen. Mobile wallets enable user consent to ensure no information leakage, as well as maintaining a strong security and privacy posture.
With rapidly increasing adoption and acceptance of decentralized identity (~27% CAGR), KYC providers can benefit from issuing KYC verifiable credentials.
Contact our experts to discuss your organization’s needs.