Although cryptocurrencies such as Bitcoin, Ethereum and Dogecoin are becoming more mainstream, it’s still a relatively new sector. As such, regulation of the crypto industry is continuing to evolve as financial industry regulators review and scrutinise the practices of cryptocurrency exchanges and other crypto companies to prevent money laundering and identity theft.
Unfortunately, as the value of some cryptocurrencies has increased exponentially in the last few years, so too has the interest of fraudsters. With consumer interest growing rapidly, vast amounts of money being transferred worldwide and regulators playing catch up, it has created a near-perfect breeding ground for identity fraud and money laundering.
Fraudsters have exploited weaknesses in the security of crypto exchanges by creating new accounts using fake identities and using stolen identities to take over existing accounts and empty wallets of any available coins. Given the scale and sophistication of these attacks, crypto exchanges and other crypto companies have been quick to recognise that greater security and regulation is needed.
Today, cryptocurrencies are coming under increasing regulation. That means that all organisations that allow consumers and organisations to buy and sell cryptocurrencies must comply with several Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations. In short, this means that cryptocurrency exchanges and other crypto companies must quickly adapt.
Common practices like asking users to upload a copy of their ID and a photo of themselves or their signature are no longer sufficient. Not only do they not meet KYC and AML standards, but they can also be faked with images stolen from social media or personal information shared on the dark web.
Crypto companies must embrace more robust identity verification methods to check the identity of their users and safeguard their assets. Yet while complying with regulation is a top priority for many organisations operating in the crypto sector, it’s also important to deliver a convenient experience for users when they are creating accounts, logging in or making trades. A balance must be struck.
Companies log and track every interaction and behaviour you exhibit in an attempt to make your life easier in some way. For example, Facebook is pioneering some new AI bots in their messenger app so you can order flowers with a simple verbal instruction. A lot of this new information is attributed alongside traditional ‘static’ identity data. This ‘dynamic’ identity provides a much more real-time view of who users really are. Why does this matter? Because compromising this new dynamic identity could mean that new types of fraud and privacy invasion reach all-time highs.
As crypto companies seek to strike this balance between security, compliance and convenience, many are now using sophisticated identity verification solutions to verify the identity of users. Typically, ID verification services work by processing data from a range of different sources to check and verify the identity of account holders. As well as ID documents, this can include contextual data, such as phone numbers and IP addresses, or third-party data, such as voter registration information. By consulting multiple data sets, crypto exchanges and other companies can significantly reduce the risk of identity fraud.
There are several important moments when crypto companies may need to verify a users’ identity such as customer onboarding. Some of the most common include when users are opening a new account, making a high-value trade or attempting to transfer the contents of a wallet elsewhere.
In many of these moments, users may be asked to provide proof of identity. This could be by typing in a unique code sent to a mobile device or e-mail address or uploading a photo of an ID document, so this can be authenticated against third party data, and taking a photo or video of themselves.
Yet, while identity checks can help to reduce fraud and build trust, many users expect to be able to create and use accounts easily with minimal friction. Crypto companies must strike a balance between enhancing the user experience and protecting profits, but that can be easier said than done.
Fraudsters are increasingly using false or stolen identities to target crypto companies. Some of the most common threats that organisations in the crypto sector are facing today include payment card fraud, phishing attacks and transfer fraud. A growing number of fraudsters are also using account takeovers to impersonate real users for financial gain or to move dirty money around.
This, in turn, is damaging trust and impacting growth, as some users feel less safe buying and selling cryptocurrencies. In fact, a third of consumers believe their personal information is available for sale, while two in five people are concerned that their personal information could be exposed when they are transacting online, according to the GBG State of Digital Identity 2020 report.
In the fight against fraud, digital identity verification is an important part of crypto companies’ arsenal, providing the information needed to quickly spot and stop fraudsters at scale, while delivering the seamless and secure experience that users now expect when trading online.
Hear from us when we launch new research, guides and reports.