For the second year in the cryptocurrency market, the controversy around the Fifth Directive, created with the support of the FATF, has not subsided. It requires users of digital currencies to undergo identity verification. BeInCrypto’s editorial staff figured out which exchanges securely store users’ data. The recent WhatsApp story has raised another wave of controversy about the protection of personal information that users hand over to companies when going through the KYC procedure. For cryptocurrency traders, this is a mandatory step without which they will not start a cryptocurrency exchange.
According to the international anti-money laundering organization (FATF), these measures will help prevent financial crimes and prevent the sponsorship of terrorism. However, by providing information about themselves to cryptocurrency exchanges, users risk their own money, because if the data is leaked or stolen, fraudsters will have copies of passport, cryptocurrency wallet key and more.
Why exchanges needs to “know their client”
Just a few years ago most cryptocurrency exchanges were anonymous and didn’t require users to go through KYC (know your customer) procedure. At the same time, a huge number of cases of money laundering through cryptocurrencies were registered in the market, as well as the black market was actively developing, where digital coins could be used to buy drugs, computer viruses, smuggled jewels, illegal drugs and many other things.
According to Chainalysis research, in 2020 there were about 1 million bitcoins rotating in the darknet space, of which 300,000 VTC were coins that were stolen from users’ wallets or cryptocurrency exchanges. In comparison, in 2017 this figure was 22% higher. The decline in the darknet market is largely due to the implementation of the KYC procedure, which became an integral part of the Fifth Anti-Money Laundering Directive (5AMLD), adopted globally on January 10, 2020.
It became much more difficult for cryptocurrency fraudsters to withdraw funds from exchanges or launder money using cryptocurrency because the trading floor had the user’s personal information, including a copy of their passport or identity documents. If suspicion arose, regulatory and supervisory authorities could easily identify the potential criminal and prosecute.
The introduction of the KYC procedure was initially not welcomed by users or cryptocurrency exchanges, which asserted that identification contradicted the nature of blockchain – anonymity. Constant leaks of customer data also added fuel to the fire. For example, in December 2019, the Poloniex exchange announced a massive leak of users’ personal information. And at the end of 2020, hackers stole more than 1 million user email addresses from Ledger.
How to go through the KYC procedure
In fact, there is nothing complicated about the KYC procedure, and it can be completed in just a few minutes, especially in the initial stages if you are not going to withdraw large sums from the site.
Despite the fact that each exchange has its own requirements, in general, the procedure is similar and fits into a few standard steps.
- To begin with, you will most likely have to confirm that the user is over 18 years old, otherwise crypto trading will be banned completely.
- Choose the country of registration and residence, as well as upload a copy of passport or other identification document.
- Then you need to take a photo with your phone or computer camera. Sometimes exchanges require you to take a photo of yourself with your passport.
- And, finally, agree to the data processing and send it for review. Verification is complete.
Let’s consider the requirements of cryptocurrency exchanges to users and also analyze where and how exchanges store information.
To make full use of all Binance features, customers must go through the KYC procedure and provide the following information:
- full first name and last name;
- country code;
- electronic address;
- utility bills;
- home address;
Encryption technologies such as PCI scanning and multi-level encryption of secure sockets can be used to transmit and store your personal information. Binance also reports that access to vaults and buildings where servers with user data are installed is restricted to a limited number of people in order to minimize physical contact with the data storage devices.
The KYC procedure requires personal data to be provided. Users of crypto exchanges need to accept this as a fact and choose trading platforms that are able to minimize the amount of data collected and guarantee the protection of personal information according to global and European standards.