August 15, 2018
Smart cryptocurrency users understand cybersecurity - there’s no way around it. The irreversibility of transactions is a key feature of trading cryptographic tokens, after all. If someone gains access to your wallet and buys a Lamborghini with your bitcoin, there’s no credit card customer support line you can call to get the charges cancelled.
In the traditional economy, the system is a lot more forgiving. If you live in Europe or the United States, you are probably all too familiar with the “one click” payment option on sites like Amazon. All you need to do is log into the website and click “pay.” If someone manages to steal your password, they can buy just about anything - but most of the time you will be able to call your credit card company or Amazon itself and get the charge cancelled.
In fact, according to laws like the Fair Credit Card Billing Act in the United States, if your credit card was stolen and then used to make purchases of more than $50, it is illegal for the company to make you pay for that charge.
The reason why this type of law can exist is because there exist other laws that say that the credit card company must be tracking the identities of the people who make payments using their services. These laws - often referred to as “Know Your Customer (KYC)” regulations - make it possible for law enforcement and loss prevention departments to distinguish genuine users from criminals, and (sometimes) to locate and prosecute fraudsters.
How cryptocurrency users deal with the irreversibility of transactions
Despite all the recent advancements in the mainstreaming of cryptocurrencies and the token economy, few real inroads have been made to address the irreversibility problem. The main strategy for users to protect themselves can be summed up as an individual responsibility to keep their wallets secure. This can mean deep cold storage for private key backups and advanced cryptography. This could just mean keeping the key written on a piece of paper stored in the back of a dusty copy of “The Great Gatsby” from 10th grade.
Of course, for some, irreversibility is not a problem - it is a sign of decentralization. But the fact of the matter is, if cryptocurrencies are ever to be a truly mainstream means of exchange, their users must be protected in one way or the other. Additionally, as security tokens are rapidly growing in popularity, some efficient method must exist for tracking who carries out the transaction.
A better alternative
The best strategy towards ensuring that participants in the rapidly growing token economy are protected is to take a real, pragmatic, approach to compliance, with KYC at the center of this effort. Once cryptocurrency transactions are traceable to a sender, real protections for crypto consumers will become a reality.
Some of the more dedicated crypto activists might make the argument that cryptocurrency and token transactions cannot and should not be tracked. Tracking these things requires a centralized authority, they might say. But is this really the case?
We at Blockpass believe that decentralized KYC is possible. And we are ready to prove it.
Building a self-sovereign identity
Currently, the internet as we know it is in a state of transition - from Web 2.0 to 3.0 - from centralization to decentralization.
In e-commerce as it has been carried out since its invention, important user information is stored on servers - third party servers, which often don’t even belong to the e-commerce platform itself, but to a contractor. This information is easily manipulated, stolen, or sold.
As internet progresses towards Web 3.0, e-commerce customers will be put back in control of their data, and information gathered to meet KYC requirements will be stored in a more and more user-centric manner. A user-centric identity is made up of information that is stored only in those locations expressly designated by the user.
Where data is stored is only one fraction of the decentralization equation, of course. Other important factors include identity verification and authentication. Once a solution is found to keep users in full control of their data during these processes, something like self-sovereignty may even be achievable.
The Blockpass User-Centric Identity Application
Recently, we released the Blockpass Identity Application, which enables users to create, manage, store and delete user-centric identities that can be used to access any online service that requires KYC, such as token sales, cryptocurrency exchanges, and certainly e-commerce. The Blockpass platform features a shared-cost infrastructure, where users need only to get verified once and then can access any manner of services, thereby removing much of the KYC hassle for the user and also saving money for the service providers themselves.
Blockpass identities exist only on the user device. User authentication is managed using the latest blockchain technology, including so-called “child chains” which contain the root hash of a Merkle tree containing hashes of user data, and can be deleted by the user at any time.
For e-commerce, perhaps the most interesting aspect of Blockpass is the PASS token. PASS tokens are unique among ERC20 standard tokens in that they are “KYC tokens.” In order to carry out a transfer of PASS tokens, the sender must possess a Blockpass self-sovereign identity. This, of course, is a great first step towards fully traceable - and fully decentralized - crypto transactions, and it is in this way that that Blockpass is opening the door to real consumer protection in the token economy.