Exchanges are desperate to please the regulators. Is your privacy at risk?
Over a year ago a Reddit user raised a red flag when talking about Bittrex and its KYC process. The thread titled “Bittrex.com may be illegally selling your KYC photos to criminals” contained a fistful of valid points. And all these debriefed the integrity of the KYC process.
But it was the cryptocurrency influencer Heidi’s recent video that rekindled our desire to dig further. In the video, she talks about why she feels KYC is a scam.
First things first, what is KYC?
Some time ago a good portion of centralized exchanges made KYCs mandatory. “We want to know our customers better,” that’s the kind of rationale they mentioned. According to them, KYC is their safeguard against financial crimes and regulators. This seemed to bode well both for traders and the exchanges.
But the tables have turned. Now, the traders are discontent. That’s because they are asked to submit highly sensitive and personal details. For example, residence address, social security number, utility bills, birth date, citizenship, and government-issued photo ID, latest photograph and even a photo of your bank card.
Undoubtedly, the nature of the information demanded is highly sensitive. In an attempt to appease the regulators, the exchanges seem to be treading a fine line between customer privacy and regulatory demands.
Your privacy is at risk
Now you might be ok with sharing your private info with credible exchanges. But how do you feel about hackers obtaining it? After all, the Binance KYC hack in August 2019 proved that sensitive data is not in safe hands. Millions of KYC documents were leaked. As per the hacker’s statement, Binance never contacted him to check the legitimacy of the claim.
But this not the only risk. Bear in mind that the exchanges asking the KYC information hand over all the sensitive data to a third party for processing. Binance, for instance, admits that Refinitiv is its KYC partner. But not all of the exchanges are willing to share this type of info.
In her video, Heidi mentions the example of a cryptocurrency exchange that outsources its KYC verification services to Fractal. From the privacy policies of Fractal, it is evident that the company is not taking the privacy of the KYC information too seriously.
Why is “No KYC” a trap?
The centralized exchanges sensed that informed traders will not trust them with private data for long. Now the exchanges seem to be turning to a “No KYC” tactic instead. There is a reason why we call it a tactic.
The platforms that offer the “No KYC” option allow traders to create an account within a few seconds. For instance, recently, Justin Sun, CEO of Tron, created a Level 1 account on Poloniex within 20 seconds. Accordingly, the traders can start depositing and trading at lightning speed. And this is exactly how the exchanges trap the traders.
The KYC comes into a picture when the trader wishes to withdraw his/her funds. For example, Poloniex poses a withdrawal limit of $10K per day without KYC but there are others that do not allow any withdrawals without KYC.
Never-ending KYC demands
The KYC process is not a one-time thing. It seems the exchanges are demanding valuable private information from traders as a “ransom”.
Crypto traders have raised voice against exchanges becoming invasive about KYC. In the comment section under Heidi’s video, a user called David Raborn said Bitterex is asking him for more KYC details by 14th Jan (Image 1), while others, namely Charles Patterson, complained of “Fresh Selfie” demands time and again to allow withdrawals (Image 2).
Image 1 Source: amia.io
Image 2 Source: amia.io
KYC side effects
Each country has a set of KYC laws so that the financial bodies can avert risks. For the cryptocurrency exchanges to operate in a particular jurisdiction, they are required to comply with the KYC process.
To keep on the right side of the law the majority of exchanges adopted the KYC model. And others moved to countries like Malta where no stringent KYC compliance is required. As these laws have no specific standards, the exchanges are becoming invasive. This leads to some potential side effects. These include:
- Exposure to the dark web
Trader’s sensitive information might end up being exposed to the dark web, where identity thefts are a common occurrence.
- Limiting the usage of cryptocurrency
If we aim to use cryptocurrency like regular fiat, then we need to have a different setup. The one that does not require us to produce our KYC information for every withdrawal.
- It is not Satoshi’s version
Satoshi’s version of decentralized currency did not want the users to present a government ID to buy cryptocurrency. Thus this set up is not purely decentralized.
Turn it around
In order to trap the bad actors in the space, the exchanges and regulators are jeopardizing sensitive information of millions. It makes little sense. All this has turned the crypto ecosystem into a surveillance market, making it a honeypot for data hackers. Both the exchanges and regulators need to find out a better way out.
Let us know your opinion about whether KYC is a scam.