Cryptology ePrint Archive: Report 2021/907

zkKYC: A solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs

Pieter Pauwels

Abstract: Businesses that are subject to AML/CTF regulation must meet their KYC obligations. In this context, to establish and verify a customer's identity, the customer is required to share personal information with these businesses. This creates a Pareto dominated situation where a customer's privacy is typically traded off for the mandated transparency requirements. In addition, this privacy erosion also reduces the security and safety of the customer as shared personal information can be passed on or stolen and used against the best interest of the customer (e.g. identity theft). Recent innovations in self-sovereign identity and zero-knowledge cryptography, along with proper ecosystem design, allow for a novel approach to KYC that protects the customer's privacy without reducing transparency. The proposed solution concept, zkKYC, removes the need for the customer to share any personal information with a regulated business for the purpose of KYC, and yet provides the transparency to allow for a customer to be identified if and when that is ruled necessary by a designated governing entity (e.g. regulator, law enforcement). This approach breaks the traditional privacy vs. transparency trade-off and provides structured transparency, resulting in a net positive outcome for all parties involved.

Category / Keywords: applications / privacy, structured transparency, know-your-customer (KYC), zero-knowledge proof (ZKP), self-sovereign identity (SSI)

Date: received 4 Jul 2021

Contact author: pieterpauwels at protonmail com

Version: 20210705:185208

Short URL: ia.cr/2021/907
