KYC sharing with user consent based on Modrna
Issue #95
closed
Saving KYC cost is a big topic. Technically, we can send the PKI signed JWT from a bank to another for non-repudiation. There has to be a claim on the level of KYC.
For transparency and authorization, we can leverage Modrna user questioning etc.
Food for thought.
Comments (5)
-
reporter
-
People working with KYC here (Denmark) claim that KYC as such (and hence the level of KYC) is not portable as the financial institutions apply each their proprietary and secret algorithms. Whereas the individual underlying attributes (pieces of evidence) can be reused. But is is also the evidence collection process that is tedious and expensive.
-
I personally believe that sharing user information without explicit consent is (or should be) outside the scope of OpenID in that it is not even remotely open.
Another point is that KYC is expensive as you point out. So, why would any KYC organization be willing to share that with a competitor?
I would point to the following article which endorses a tiered approach to identity in banking for the explicit purpose of including a larger share of the human population. KYC share currently has no concept of level of assurance. It is binary, the customer qualifies for an account or they do not. https://leveloneproject.org/wp-content/uploads/2015/04/The-Level-One-Project-Guide-Designing-a-New-System-for-Financial-Inclusion1.pdf
-
and a final point. As the ING bank has already proven, in the US at least, that KYC share is already possible in that the new bank can determine, using existing functionality, that the user qualified for a depository account at another FI. The interbank payment protocol inadvertently provides that proofing. So I would argue that KYC share does not add value.
-
reporter
- changed status to closed
We now have a dedicated WG: eKYC/IDA.
- Log in to comment
For transparency purposes, having traces of what's been done in KYC would be a good idea. Maybe on blockchain?