- The KYC is stored as a Verifiable Credential and can be used to open an account or create a company with one click.
- The IOTA Foundation seeks to make financial institutions more GDPR-compliant.
The IOTA Foundation, in conjunction with Dutch bank de Volksbank, has created a reusable Know Your Customer (KYC) Proof of Concept (PoC) on IOTA’s open-source Self-Sovereign Identity (SSI) demonstration app Selv.
This is to remedy the tedious process of creating accounts and signing up for services by entering the same details several times. It is especially inconvenient when signing up for a financial service such as a bank or cryptocurrency exchange account. Such services usually require that a user provide digital copies of sensitive personal documents for verification in order to comply with KYC and Anti-Money Laundering (AML) legislature. For every account of this nature that a user creates, they will have to provide such documentation.
The IOTA Foundation has been working on a technology called the Identity Actor as part of its recently released IOTA Identity. The IOTA blog defines the Identity actor as;
The Identity Actor is a program that can send and receive requests and responses related to Self-Sovereign Identity (SSI) and data management. This means that the IOTA Foundation is building a program that understands how to ‘speak identity’ with other Identity Actors.
The demo using this technology seeks to show how SSI can be used to create a safe and reusable KYC that is in compliance with General Data Protection Regulation (GDPR).
The demonstration, available on the Selv app, allows users to create a unique ID and complete a randomised KYC. The KYC is then stored on the app as a Verifiable Credential. The user can then make use of their KYC credential in the simulated environment of the Selv app to perform actions such as registering a new company, creating a bank account or even liability insurance. It eliminates the need for one to enter the relevant details and upload documents for each of those processes. Instead, users only need to share their Decentralised Identifiers (DIDs) and prove ownership of them.
Data protection and regulation in the financial sector
In recent years, in addition to the need for better KYC verification, there have been calls from governments to improve the handling of user data. As a result, companies are wary of storing client data if they cannot guarantee its security. The IOTA Foundation, through its SSI projects, and the latest Selv demo in particular seeks to make financial institutions more compliant with regulation while giving back clients power over their data and how it is handled.
Michiel Sollet, Innovation Manager, at de Volksbank commented;
The biggest upside of Decentralized Identity technology is that it puts control of personal data firmly into the hands of the owner: the customer. A decentralized ecosystem will make the KYC process more hassle-free — for banks and customers alike. Being a bank that adapts to its customers’ needs rather than the other way around, de Volksbank sees great potential in DID to further advance its ambition to carry out its banking services according to the principle of shared value. This means that our stakeholders – all four of them – must experience equal added value: customers, society, employees and our shareholders.