August 28, 2018

How the KYC Might Be Dangerous for the Investors

Most of the time in our posts we focus on the CTO point of view, launching Initial Coin Offering. The other side of the story is equally important. The duty of the person creating new cryptocurrency is to also make sure that the users’ experience will be the best possible, and their data will be perfectly safe.

If you would like to know more on what KYC process is and how is it implemented in the Initial Coin Offering process, take a look at our previous post on ICO software development:
>> How to launch an ICO project

KYC for crypto investors

Let’s take a look for a moment at the KYC process from the investors’ point of view.

You find the website of the project you want to invest in, decide that it’s reliable and safe to send them your money.

You log in.

And to transfer the funds, you have to send your sensitive data, ie. ID scans.

Here’s where the friction arises, well expressed by the investors: how do you know that your data is being stored in a secure way, even if the company is a proven and legal project?

Security of the KYC process in ICO

When you launch your ICO project, KYC is an essential process – if you deal with US citizens, you are obliged by law to confirm their identity. You have to simply check, if they are real people, and not terrorists or criminals.

You have basically 3 options to choose:

  1. Avoid US market and performing KYC at all. It’s potentially dangerous for your project, as it can close some business paths and open the others, leading your ICO to become a money laundering pit.
  2. Perform KYC inhouse, and delegate your employees to check the IDs. This option requires tough security policies and safe IT solutions. Personal data is a valuable asset, and can be an attractive target for the thiefs.
  3. Outsource the KYC process. There’s a number of vendors that can help you with that and release you from the burden. You simply plug them into you ICO software. However, it can be expensive – cost for one user can be as high as 8$, leading to considering the token bundles you offer.

Inhouse KYC process

The first and the last options are easy. The second one is tricky for the investors, as there are no regulations regarding licensing of the entities, that can perform KYC.

It means that if you don’t put much effort into it, their data may leak from your system and fall in the wrong hands. And there’s no one to check if you do it properly.

That’s why you have to put a great care in processing the data internally, introduce proper safety policy in your company and invest in IT security. A whole other topic is how to pitch your efforts to the investors. Your KYC process has to be presented in a clear, transparent and reliable way, that you are not a criminal organization or a terrorist cell.

Whatever you do, remember that KYC is a fragile process, and you have to be sure that your ICO is perfectly secure.

Do you have an ICO idea? Consult it with a blockchain software house.

Our software development team has a vast experience with similar projects. We’re ready to help.

August 28, 2018