Paper 2021/907

zkKYC: A solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs

Pieter Pauwels

Abstract

Businesses that are subject to AML/CTF regulation must meet their KYC obligations. In this context, to establish and verify a customer’s identity, the customer is required to share personal information with these businesses. This creates a Pareto dominated situation where a customer’s privacy is typically traded off for the mandated transparency requirements. In addition, this privacy erosion also reduces the security and safety of the customer as shared personal information can be passed on or stolen and used against the best interest of the customer (e.g. identity theft). Recent innovations in self-sovereign identity and zero-knowledge cryptography, along with proper ecosystem design, allow for a novel approach to KYC that protects the customer’s privacy without reducing transparency. The proposed solution concept, zkKYC, removes the need for the customer to share any personal information with a regulated business for the purpose of KYC, and yet provides the transparency to allow for a customer to be identified if and when that is ruled necessary by a designated governing entity (e.g. regulator, law enforcement). This approach breaks the traditional privacy vs. transparency trade-off and provides structured transparency, resulting in a net positive outcome for all parties involved.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint. Minor revision.
Keywords
privacystructured transparencyknow-your-customer (KYC)zero-knowledge proof (ZKP)self- sovereign identity (SSI)
Contact author(s)
pieterpauwels @ protonmail com
History
2021-07-05: received
Short URL
https://ia.cr/2021/907
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/907,
      author = {Pieter Pauwels},
      title = {zkKYC: A solution concept for KYC without knowing your customer, leveraging self-sovereign identity and zero-knowledge proofs},
      howpublished = {Cryptology ePrint Archive, Paper 2021/907},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/907}},
      url = {https://eprint.iacr.org/2021/907}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.