“Bring Your Own” Decentralised KYC, Government Trusted, launching in January 2022
A new paradigm for KYC: removing the need for third-parties and KYC-as-a-service through self-credentialisation
What’s in this article?
- Dataswift has launched an entirely new “bring-your-own” KYC model with partners TODAQ & Grabba
- This combined solution allows any individual globally to self-credentialise, with government approval, and use those credentials across businesses, dramatically cutting costs and approval time
- The decentralised GOTO Identity, Credentials and Asset Ownership Security Product (TODAQ & Grabba) is integrated into the eKYC solution and powers secure P2P biometric access and ensures immutable integrity of eKYC assets and transactions
- Credentials stored within individuals’ Personal Data Servers (Dataswift) render citizens the legal owners and sole purveyors of their own sensitive information to businesses, and will enable instant onboarding with all participating businesses
Dataswift is pleased to announce its collaboration with TODAQ and Grabba which enables every individual worldwide to “Bring Their Own” KYC credentials to any business through the businesses’ own app or website.
KYC practices are carried out by companies to verify the identity of their clients in compliance with legal requirements around certain types of customer engagement. These requirements aim to prevent identity fraud alongside anti-money laundering (AML) regulations, which seek to stop illegally obtained funds from being presented as legal.
Two models exist for KYC today: the ‘DIY’ approach or KYC-as-a-service. Both remain fairly costly. While technology has brought automation to significant parts of the KYC process, largely eradicating internal costs, five pains prevail:
- Cost: most KYC requires every company to incur the same recurring costs of (a) creating and running the processes required to collect sensitive customer information and verify the necessary attributes (including automated service setup), and (b) securely storing customer data in a compliant manner whilst keeping it up to date. This does not include the risk of hefty fines that may result as a breach of KYC process regulation.
- Onboarding frictions & loss of revenue: loss of revenue through friction-fraught KYC processes is still driving customers away, with >35% of financial institutions stating that inefficient KYC onboarding procedures have lost them new customers.
- Cyber risk: individuals’ personal information is being sprayed across companies and government bodies, both within and between organisations, creating cyber security risks quite literally on a national scale – e.g., the 2015 US voter breach covering 191 million people. A total of 37% of financial institutions store a single customer's KYC data across more than four different systems and, when transmitting information for external verification, rarely is the data transmitted via any more than an unsecured spreadsheet in an email.
- Marginalisation of SMEs: current information sharing and KYC practices risk marginalising SMEs due to the above costs, which are often far too much for them to bear. This in turn gives more power to larger companies and fuels unbalanced markets for more local institutions.
- Discrimination: nearly all existing KYC models discriminate against those who do not have a good record of credentials such as the homeless, asylum seekers, refugees and the poor. This stops enormous swaths of the global population from ever being included and becoming contributors to society and the economy.
How it Works
Any organisation's app or website can embed a Data Passport feature with the eKYC Data Pass. When their users activate the eKYC Data Pass, they will be provisioned with a Personal Data Account within their own Personal Data Server (PDS), to provide a portable, verifiable and unique digital identity that can be biometric (fingerprint, face, iris, etc.) or sovereign ID (Passports, Driver’s license, etc.), together with any other data such as bank account. This will be self-captured by users, stored and hashed within their account, which gives them full legal ownership and control of all their information and the ability to license that information back to the organisation. Organisations can choose various eKYC Data Passes from Dataswift’s partners or create their own eKYC Data Pass for their business.
Also available as a single sign-on solution on an organisation’s own website or app, the eKYC Data Passes provide a simple binary digital confirmation that a customer is who they say they are with respect to specific pieces of information requested by the business. This means any person with a smartphone can securely and instantly self credentialise on-demand with businesses and official bodies worldwide via QR scans, email or text confirmations linked to websites, blockchain, any third-party app / SaaS, or physically in-person wherever Data Passports are accepted.
Users' ability to self-credentialise (e.g., proof of identity, educational credentials, bank transaction information) through their PDS extends beyond instant KYC with businesses. The PDS also allows for edge computation analysis of sensitive data where the result of that analysis only ever leaves the PDS to be sent to the business (e.g. a credit score, personalised insurance premium or health score). This completely replaces the insecure paradigm used today where customers are asked to hand information to the business for them to store and analyse in-house where it then sits forevermore, with little to no onward use, waiting to be hacked or leaked.
The eKYC Data Pass, due to its ease and low cost, also opens up new opportunities such as identity verification for companies who’d like to do KYC but aren’t legally compelled to do so. For example, monitoring access to rationed resources for NGOs that distribute medical and food aid to refugee, asylum seeker or homeless communities.
In the new year, Dataswift will announce the use of the eKYC Data Pass in an open-source citizen app and will showcase various global case studies around its use.
What the CEOs Say
Hassan Khan, CEO of TODAQ: “The cost and friction of KYC requirements have been a long-standing entry barrier to markets that demand useful, cost-effective and interoperable solutions. The TODA technology ensures P2P transfer of value and verification without brokers, and intermediaries that drive up costs and security risks. Bringing that into the eKYC Data Pass solves a growing demand from consumers and businesses. We’re very pleased that this collaboration between Dataswift, Grabba and TODAQ can unlock market access for those currently left out.”
Micah Walker, CEO of Grabba: “For decades Grabba has earned the trust of governments, organisations and the people they serve through securing Identity for millions of people. Dataswift liberates the value of personal data and now Grabba is liberating Identity, bringing the binding proof of Identity to data, bringing trusted transaction capability to developers and businesses everywhere. Through the combination of Secured Identity through the intelligent TODAQ distributed ecosystem, with Dataswift’s data ownership capability, we are offering a growth vehicle for the decentralised data economy and the cities of our future.”
Irene Ng, CEO of Dataswift: “Data Ownership through Data Accounts is the heartbeat of the future Data Economy, much like Wealth ownership through Bank accounts drive the payment economy. Decentralising data ownership enables markets to function more efficiently, in ways that are private, safe and secure, allowing businesses to have better relationships with their customers and create value with their data whether they are a large corporation, government or an SME. We are very pleased to partner with TODAQ and Grabba to advance the decentralisation mission that is so much needed in our economies today.”
About our Partnership: Making Portable, Verified, Unique & Secure eKYC Possible
The eKYC Data Pass is made possible through a collaboration between Dataswift’s Personal Data Server infrastructure, TODAQ’s Web3 TODA protocol distributed ecosystem and Grabba’s biometric and identity security technology.
“Portable”: Dataswift’s Personal Data Servers, spun-out in seconds on-demand, allow individuals (or businesses) to securely pull, store and legally own their own data for onward use with any third-party. Once stored, Dataswift’s patented infrastructure enables sharing of specific data attributes (either primary data or metadata) outside of the PDS via Data Passes which license the information on a contractual basis to third parties. For more information see https://dataswift.io and https://datapassport.com
“Verified”: Grabba secures identity by capturing and validating Identity through an application using the existing camera and technology on your smartphone. With a uniquely secure and efficient token architecture, customers can open accounts within KYC regulated systems, certify assets to access and own their data – anywhere. For more information see https://www.grabba.com/products/grabba-id/
“Unique & secure”: TODAQ is a deep-tech cryptography company building an open-source layer of Web 3.0 data integrity and application protocols to allow for the creation, ownership, control and P2P transfer of unique digital assets between systems. From governments and corporations to small businesses and individuals, everyone can use TODAQ products to have real ownership and control of their identity, data and assets. For more information, see https://todaq.net