A new partnership is creating an anonymous identity scheme to meet regulators and users in the middle when complying with KYC/AML regulations.

FATF’s Crypto Guidance

The Bitcoin community and friends flipped their sats over the Financial Action Task Force’s (FATF) latest nonbinding guidance for keeping tabs on cryptocurrency activity (essentially, the report recommends that cryptocurrency companies monitor user identities and share this information with regulators if called upon). Folks were particularly torn up over FATF’s prescription for crypto’s equivalent of the travel rule, a statute in banking that requires banks to share information on clients when they transfer over $1,000 to another institution.

This, as you could easily reckon, did not go over well with Bitcoin’s cypherpunk faithful. So, blockchain analytics company CipherTrace and attestation platform Shyft are developing an anonymous identity protocol which, the partners claim, will allow crypto service providers to share information without disclosing user identity. This would mean keeping regulators happy without having to sacrifice sensitive client information — unless regulators sniff out wrongdoing, that is.

A Compromise

According to a press release shared with Bitcoin Magazine, the partnership wants to mediate between government officials, crypto companies and cryptocurrency users by creating a proof-of-knowledge identity protocol that doesn’t relinquish user information. In function, this would resemble something like a zero-knowledge proof, which is a cryptographic function that allows one party to reveal that it knows certain information without conveying the information itself.

The solution involves a smart contract platform with shared access between exchanges and other relevant cryptocurrency service companies. This cryptographically secured tool will facilitate an identity hub that will satisfy FATF’s crypto travel rule while also keeping the true identity and information of each user concealed.

“A blockchain will be used as an identity database where all contents are encrypted, and key management is used to only allow access to receiving or sending parties as required. Using privacy preserving encryption we can fulfill requirements of verifying that sender and beneficiary information is recorded, and associated with [specific values], but the privacy of the counterparts is preserved,” CipherTrace CEO Dave Jevans told Bitcoin Magazine.

This doesn’t mean that exchanges and regulators won’t have access to personal info if they want it, however. The data bridge will allow its overseers to disclose information “when compelled to do so by legal authorities,” though this is already something that happens today (see Coinbase forking over user information to the IRS, for example).

A CipherTrace representative told Bitcoin Magazine that, if seeking info on a non-native person, authorities “would have to file a mutual legal assistance treaty (MLAT) with a cooperative country” to ascertain this personal information. MLAT is a mechanism through which a government can seek information on a foreign individual by going through another governing entity that has records on the individual in question. So, this MLAT procedure would only apply for governments seeking non-natives, while governments could solicit companies directly for information on individuals within their jurisdictions.

Overall, it’s CipherTrace’s hope that this solution will encourage responsible disclosure of persons of interest without compromising the personal data of your everyday, law-abiding citizen, and the company believes that the guidance actually signals that the industry is growing up.

“FATF is focused on extending Anti-Money Laundering and Counter Terrorist Financing regulations to virtual currencies. Those regulations were put in place over 70 years in response to global threats on a massive scale. Virtual currencies coming under such regulation is a good thing… it shows that they have grown up and are making an impact on the global financial system,” Jevans said.

