KYC — where is your data and how to secure it with Aleo?
I think many of you have encountered the KYC procedure. Cryptocurrency exchanges, launchpads, various mobile applications — all of them receive your data in exchange for the right to use their services.
KYC (“know your customer”) suggests that financial institutions, including cryptocurrency exchanges, should have an understanding of who they work with to ensure an appropriate level of security and monitor attempts at fraudulent activity.
KYC customer verification is now a common legal practice. The cryptocurrency market has grown considerably lately, with increasing interest from both supervisory authorities and fraudsters. Therefore, to protect bona fide users and assets stored in cryptocurrency wallets, leading companies require the completion of the verification procedure.
As it may seem, there is nothing dangerous about going through KYC. But you must understand that all your basic data (passport, photo, phone number, e-mail, residential address, etc.) is in the possession of the party to whom you voluntarily gave it all and beyond your control for its further use. For example, your data might be forwarded (or even sold) to a third party for marketing purposes or stolen by hackers and then used for illegal purposes. There is no guarantee. At the same time, you sometimes give your data to dozens of different companies.
Is there a solution to this problem? We can definitely say that there is. For example, zero-knowledge proof technology allows one party (the proving party) to prove to the other party (the verifying party) that a claim about some hidden information is true, without revealing anything about that information, except the truth of the claim itself. This sounds a bit confusing. In practice, it could be organized as follows. You upload all of your personal data to the KYC platform, where it’s securely encrypted, and you get proof in return that your data is true. You can then use this proof as your KYC identifier. Of course, companies have to accept this way. But I think it is more reliable, because your data is transmitted only to one place and then the platform only confirms that you are you.
Now it remains to understand what can be used to build such a platform. I would like to draw your attention to a new project like Aleo. So far this startup. They are developing a platform for developing private applications (with zero knowledge). Aleo is a blockchain with smart contracts and its own programming language. Based on Aleo, it is possible to create applications (or programs) where certain information can be hidden. That is, users no longer need to share information that is important to them, and web services no longer need to risk losing their users’ data.
I hope that we will have a platform for passing KYC developed in Aleo and users will be able to keep their privacy. In the meantime, the project is having a testnet and preparing for mainnet. You can follow Aleo at the links below.