While it could be argued that Non-Fungible Tokens (NFTs) have been around since 2012 in the form of ‘Colored Coins’, the first ‘boom’ was due to blockchain-based virtual game – ‘CryptoKitties’. Ever since, we’ve seen the rise and fall of similar projects across the Opensea marketplace. Although wacky art and meme projects are the first that come to mind, NFTs also have the potential to serve as a use-case in the security domain. However, in the unregulated world of cryptocurrency, this may be slightly concerning for businesses as there is a lack of central authority.
Similar to how COVID-19 forced vendors to mature their security offerings, the current push for regulation is forcing crypto influencers, like Ethereum’s founder, Vitalik Buterin, to overcome external verifications. For businesses to stay current, they will not only need to understand the everchanging landscape of cryptocurrency but also how ID verification techniques are necessary and will continue to evolve. As barriers to typical verification techniques such as AML (Anti Money Laundering) and KYC (Know Your Customer) become stronger, common vendors will need to develop their current strategies to adapt to the new landscape.
NFTs and their potential
Anonymity and privacy are key values for many crypto influencers and investors. To maintain privacy, Buterin proposed the idea of private NFTs that use ‘stealth addresses’ to hide owners’ identities, essentially hiding the identity of an NFT recipient from anyone except the new owner.
Since NFTs act as a certificate of authenticity for digital assets, it is no surprise they are attractive mediums for ID verification. Each NFT or token has a unique, original set of characteristics that cannot be duplicated on the blockchain. However, according to the recent Forrester report around IDV, the process differs depending on the type of solution required, whether that be a KYC process or a Business Partner Onboarding one. Although the first step of Business Partner Onboarding is identical to ‘consumer digital onboarding’, the second step involves verifying the verified identity is authorised to open an account to conduct business on behalf of their organisation. Therefore, it is unclear how NFTs would be able to adapt to each use case process.
So, although ID verification and NFTs seem to have the same goals in mind when it comes to security, the lack of central authority breeds questions around trust, legitimacy, and accuracy.
Freedom must come with security
The decentralised nature of cryptocurrencies can attract bad actors, and because cryptocurrency is not strictly controlled, asset recovery can be impossible if a private key is stolen. Crypto investments aretherefore deemed riskier than regular investments since investors are solely responsible for keeping their private keys beyond the reach of hackers.
Crypto also presents KYC challenges. In 2019 more than two-thirds of cryptocurrency exchanges did not adopt adequate KYC principles. Decentralised Exchanges (DEX), and anonymous peer-to-peer trading can, in some cases negate the need for KYC rules. Large exchanges implementing DEX can opt for lower infrastructure costs, increased security and user-controlled tools. Yet finding a suitable provider offering minimal costs and guaranteed data security remains a real challenge for much of the industry. Businesses still need effective, accurate and trustworthy, and cross-sector ID verification solutions, at an affordable price point for all.
Security is the goal
As the scope for ID verification continues to widen, businesses need to assess their identity verification needs and put their customers first instead of simply jumping on the bandwagon of new, flashy technology. Without a central authority to confirm the legitimacy of an identity, businesses may suffer when it comes to governmental procedures regarding verification. As well as being able to intervene during a malicious attack, a central authority can provide organisations and their customers with increased confidence pertaining to identity verification. This is because a central body is also a central knowledge hub and point of contact for a range of concerns.
While new Identity Verification processes may look like an easy option at first, problems can arise later down the line. As regulations begin to take effect, it will become increasingly necessary for businesses to select a trustworthy solution, which takes care of verification quickly and effectively, whilst keeping up with developments in the industry. For customer security to truly be depicted as a concern for businesses, they need to be implementing widely trusted and approved solutions.
