A few things about KYC🔻
The word KYC may be more commonly used in exchange platforms. Before that, there is actually a basic understanding that I want to tell you in advance: a platform with KYC does not necessarily mean absolute security or compliance. It just means that if the platform wants to be compliant, it must do KYC
At the same time, it does not mean that a platform without KYC will not work. At present, for the mainland user market, some small platforms will choose to bypass the KYC procedure to let you use their products
My core purpose is to express: I think Web3 as a whole is quite "black box". Whether the platform explodes or not, whether it runs or not, has nothing to do with whether you have completed KYC. Whether you have done KYC or not will not reduce the difficulty of your rights protection after the platform explodes
📍Let's talk about KYC itself. KYC (Know Your Customer), Chinese translation: Know Your Customer, is mainly used to prevent money laundering, stealing identity information for financial fraud and other crimes. The elements required for general verification are: name + ID card + liveness authentication, and sometimes external verification is added, such as email, mobile phone number, etc.
The exchange can grasp the real identity of the user through KYC. If there are risks or other problems in the transaction, the victim can find the user in the area through legal means, which is conducive to combating crime and protecting the safety of user assets.
But the devil is always stronger than the saint. In fact, anti-KYC means have been emerging one after another. With the development of AI, the live verification barrier has become easier to break through (recently, there have been market news that the KYC information of mainstream exchanges has been frequently exploited)
So the platform's corresponding [anti-anti-KYC] mechanism may also become severe, which is actually an inconvenience for ordinary users. This is why there is a general trend around the world: technological progress does not necessarily bring about the progress of civilization, but may also bring greater threats
In addition to basic KYC, there are other security assurance steps to further ensure the security of assets, such as: customer transaction identification (KYT)
📍This word rarely enters the field of vision of the general public. Compared with KYC, which focuses on the identity information of platform customers, KYT (Know Your Transaction) focuses on the transaction process
It is also a supplementary means of KYC, which can monitor transactions and deposits and withdrawals within the platform in real time. For example, the case we may have heard of: dangerous address identification, actually belongs to this category.
By marking some addresses on the chain that may be involved in or have been involved in crimes, the platform can respond in time when it receives assets from the address. This is the scope of KYT.
For example, there was a case recently in which a BN platform user's account was hacked and assets were transferred because of the use of Google plug-ins. In fact, it was the lack of monitoring of abnormal transaction behavior. However, I am not sure how technically difficult it is to do this. It may be necessary from the perspective of the platform. Consider the user feedback, after all, judging abnormal transactions is subjective
Web3's transaction methods are very flexible. If this mechanism is implemented, it may reduce the user experience of ordinary users
Web3's relative freedom is destined to make this industry in a state of rampant on-chain/off-chain attacks for a long time under the premise of strong regulatory red lines, unpredictable jurisdiction and unpredictable black swan events
Self-isolation of assets, making good use of cold wallets and additional independent platform accounts to avoid the risks that may be difficult to prevent inadvertently carried out in daily operations are what individuals can do more easily~
