As the cost of retail fraud grows year-over-year, merchants are constantly looking for ways to tackle security challenges and reduce their liability burden. Blockchain technology, with the ability to create secure digital wallets, offers intriguing potential solutions.
Know-your-customer regulations were designed as a due diligence to prevent financial institutions and individuals alike from fraudulent transactions. Though the focus is heightened security, the comprehensive data being captured and stored has been an easy target for criminals. The annual cost of fraud increased for the third year in a row, hitting $16.8 billion in 2017, according to a study by Javelin Strategy & Research.
In essence, because KYC encourages the collection and aggregation of personal information, it has left consumers vulnerable to identity theft. And as you may know, when stolen identities are used to make retail purchases, merchants are stuck eating the costs.
In simplest terms, the flaw in today’s data management is that information is collected and stored to begin with. This problem is only exacerbated by the fact that consumers are often required to share well beyond what’s needed. It’s like when you go to a bar and show your driver’s license to prove that you’re over twenty-one. On your license is your name, address, and license number. Does the bartender really need that information? All he really needs is certification that you’re over twenty-one.
The rest of it is now personal data that the bar can store and share however it wants. In short, you can’t ever be in control of your own information because you’ve handed over it to third parties, trusting that they will keep it safe. The reality, however, is that despite their promises, they can’t guarantee that it won’t be exposed to bad actors.
In the e-commerce realm, identity fraud reigns supreme. Fraudsters find security gaps, infiltrate data sources, and use other people’s data as their own. Blockchain offers solutions to combat the identity theft plague by allowing consumers to gain more control of their data through the creation of self-sovereign digital identities.
How Blockchain Can Fight Fraud
Today, criminals can take a card and make purchases by representing themselves as the card’s owner. With billions of dollars being lost to fraud each year, it’s safe to conclude that the checkpoints in place aren’t sufficiently verifying that the purchaser is actually the person whose name is on the card. A sovereign identity powered by blockchain would push KYC to the next level by enabling merchants to trust credentials presented by customers that have been issued by known entities. In many of these scenarios — like showing ID at a bar — the actual data doesn’t even need to be exchanged. Instead, it simply needs to be confirmed to the satisfaction of the recipient.
We’re already seeing frameworks emerge for anonymously managing and tracking identity data. The nonprofit foundation Sovrin, for example, has donated code for a decentralized identity framework to the Hyperledger Indy project. This initiative aims to deliver a decentralized identity system via blockchain that’s based on a universal platform for protecting user information and putting individuals in control of their own data.
The Indy solution is self-sovereign, which means a person or organization can compile a lifetime’s worth of identity data while maintaining control and taking part of any transactions involving it. It makes identity theft extremely difficult and removes the need for companies to store personal data.
Decentralized blockchain technology makes the process possible, as well as quick and accurate. KYC would become decentralized so that consumers and merchants would no longer depend on centralized entities to manage personal information. By creating a digital mechanism that verifies you are who you say you are at the time of purchase, security moves from the data aggregators to the root owner.
With this kind of framework, individuals would control their information and merchants would choose whether to accept the identity verification and payment. It’s a promise that not only fulfills the intention of KYC, but also closes existing security gaps. In doing so, it offers the only true protection for consumers and merchants alike.
This article originally appeared in Due.