Pages:
Author

Topic: KYC - IDENTITY VERIFICATION or IDENTITY THEFT (Read 419 times)

legendary
Activity: 1134
Merit: 1598
August 13, 2021, 09:15:17 AM
#38
~
Such true words, man. So many people tend to forget that the authorities do have a long history during which they have used the personal and sensitive information of citizens to fulfill their own agendas, no matter if good or bad. The fact that so much of your information sits in their hands at all times is crazy, and what's even crazier is that people don't care!

But I think we got too used to living in normalcy (or have been used to do so until 2020) that we just forgot about how rough a government could become in a matter of days. We've somehow been taught that no matter what, governments will take care of you and will ensure you have a beautiful life but the reality is quite contradictory. There will come a time when our (or our childrens') information that they collected will be used against us. It's more about when than if. But again, best we can do is just protect ourselves and try to wake up others as well. And between you, me and the government, the last is imo the most evil out of us.. so by trusting them instead of you, I might actually be making my biggest mistake lol
staff
Activity: 3304
Merit: 4115
I don't give a fuck if the NSA is spying at me, if they are not doing something wrong with it, that's all. Anyway your government already have your bills and ID Card, your arguments against the government are full of bs. If they want to kill you, it will be fast. If they want to keep tracking you by watching in the e-commerce's databases they will find your new adress too.
They aren't trying to kill you, well in most cases anyway. What they are trying to do is actively manipulate you. For example, you ignoring that the NSA can gather information off of you, or these days any Tom, Dick or Harry can, isn't a problem as long as they don't do anything bad is ludicrous. Do you not consider being manipulated into buying products as bad? Just because you've shown some interest in it in the past, or visited a related site. We on in a world full of advertisements these days, and they will actively try to manipulate you into buying their products, and they use your previous data, and site history to determine how best to make money from you. How is that not bad?

There's also the element that most exchanges as mentioned above have been hacked. That means, your trusting someone to hold your personal documents, and if they are ever compromised you are relying on them to hold them securely. However, history has taught us that even security firms have made massive security mistakes in the past, and continue to do so. So, how can we expect an exchange to follow all the protocols? You can't, because you can't trust them to do that. It's not just the government, hackers are usually someone that's looking to profit of the information that they gather, so if they have gathered your information, you might actually be in a precarious situation, you could potentially become a target to scams or even physical threat. This is why, and this should be evident to anyone that uses Bitcoin, you shouldn't rely on third parties when it comes to personal finances, and data. It just doesn't make a whole lot of sense for the majority of people. There are some cases which you could argue KYC is beneficial or a third party managing your funds, but those that few, and far between.

You wouldn't be willing to give me, a random stranger your data so why do you expect the government any other third party that has a registration attached to their business to be more trustworthy? They are literally the ones which have clear incentives to use your data to either get more money from you or influence your decisions in life. Where as, I'm just another Bitcoin user that cares about privacy. I absolutely hate the authority syndrome that most people seem to have, but when it comes to privacy, and the fact that its quite well documented these days; probably better than ever people are still oblivious to it.
legendary
Activity: 2268
Merit: 18748
Now we are helpless because we need to use centralized exchange to convert currency to currency reason its higher fees on decentralized exchange.
Not necessarily. Most decentralized exchanges charge lower fees, and if you don't find an offer with a spread you like you can simply create your own.

Though we can trust biggest exchange
All the biggest centralized exchanges have been hacked in the past. You absolutely cannot trust them.

but recent hacking in polynetwork also proof that where decentralized is not secured how centralized can be secured.
That's some DeFi scam nonsense. Truly decentralized exchanges cannot really be hacked because they are not holding any coins or any personal information.

But even if it's unavoidable, I always make sure that the KYC is worth it.
Having your identity stolen can lead to tens of thousands of dollars worth of debt and damage. KYC is never worth it for some bounty nonsense which will be worth a few bucks at most.
member
Activity: 966
Merit: 25
Ton Together | Save Smart & Win Big
I absolutely agree with this statement that KYC is really important and we should not take KYC lightly. It's our identity and we should keep it tightly so there won't be an unexpected issue in the future. Author, allow me also to add another perception regarding this. As a bounty hunter, I also face this dilemma every day when you need to do KYC in some exchanger or even their own exchanger to receive the rewards. To minimize the risk, before taking the project, I always do some background checking first if the project is legit or not, whether they oblige KYC or not. Usually, they will state it on the thread or from the beginning if they need KYC or not and I avoid some KYC needed projects. But even if it's unavoidable, I always make sure that the KYC is worth it.
hero member
Activity: 1974
Merit: 592
For me all KYC verification project is scam.I never again join project with KYC.
In the past for every project I’ve done KYC was scam. So someone  there stole my identity.
This can be very dangerous.In general, transactions should be anonymous, Why then KYC?
member
Activity: 285
Merit: 11
$CYBERCASH METAVERSE
There are more projects stealing identities than those asking for KYC for verification purposes only, the bitter truth is there is no way to know which is which unless you decide to never go for any project asking for KYC verification, government/ centralisation involvement in crypto is why KYC is inescapable in most cases
full member
Activity: 700
Merit: 182
All of the central exchange, wallet wants kyc verification to use their service. Without verification they made the service linited. But that is the threat what we are facing because we also seen lots of biggest exchange use third party service for completing kyc process. Which is more dangerous where a bot was working for instant verification. And its a very big option for hacker. Now we are helpless because we need to use centralized exchange to convert currency to currency reason its higher fees on decentralized exchange. Now what we can do. Though we can trust biggest exchange but recent hacking in polynetwork also proof that where decentralized is not secured how centralized can be secured. Thats it from me. Thank you.
legendary
Activity: 2268
Merit: 18748
I don't give a fuck if the NSA is spying at me, if they are not doing something wrong with it, that's all.
Then feel free to go and complete KYC at every exchange in existence if you like. No one is going to stop you. But you don't get to force that nonsense on me. The whole "I've got nothing to fear from surveillance because I've got nothing to hide" thing is a completely nonsense position to hold, however.

I'd also be interested in what you define as "something wrong"? Building a profile of every website you visit, everywhere you shop, everything you buy online, every social media post you make, everywhere you go, all your communications, all your bitcoin transactions? That's fine? What about using that information to serve you ads? What about using it to affect the way you vote? What about using it to limit the information you can see online? What about using it to "re-educate" you if you say something the government doesn't like? Where do you draw the line? If you are completely fine with the government having complete control over you, then I would invite you to move to North Korea.
sr. member
Activity: 535
Merit: 267
It is difficult to decipher the actual meaning behind what you are writing.

If everybody is spying everybody we would know what your government want to do wrong or not, your president / government doesn't have an unlimited power.
The government is spying on everybody. Did you not read about Snowden and the NSA leaks? And most big corporations like Google and Facebook are assisting them, as are most centralized exchanges. If you complete KYC at a centralized exchange, then at some point the government will get their hands on your trading history and all your linked addresses. And they might not have unlimited power, but they certainly have an awful lot of it. Have a read about "indefinite detention" and "forced disappearance", both of which the US government take part in.

a military killing innocent people with a drone is also a member of the people
And who do you think orders those drone strikes? Or keeps ordering the military in to a variety of countries around the world, for that matter?

your government is not always award of each little decisions that must have been taken in few seconds or minut on a warzone.
I'm obviously not talking about heat-of-the-battle split second decisions. I'm talking about a pattern of behavior over years and decades of detaining/torturing/murdering innocent people.

Tortured innocent people, by who ?
By government sanctioned programs and facilities. Guantanamo bay tortured people for years, with the majority of people there eventually being released without charge. Or what about the Abu Ghraib prison? Or the Bagram facility. Or Khalid El-Masri? Or the years of "enhanced interrogation techniques"?

Still, we are going off topic here. My underlying point is the government is not your friend. They are spying on you, they are using blockchain analysis technology and methods, and they can not be trusted to act fairly or even legally. Completing KYC is giving the government a free pass in to all your financial dealings with bitcoin.

KYC is always a risk.

What about the animals you are killing and eating everyday dude ? you can eat vegetarian.

You seems to deliberaly forget everything about why all those actions has been taken, you also don't know the word "Evolving" and "Changing".

I don't give a fuck if the NSA is spying at me, if they are not doing something wrong with it, that's all. Anyway your government already have your bills and ID Card, your arguments against the government are full of bs. If they want to kill you, it will be fast. If they want to keep tracking you by watching in the e-commerce's databases they will find your new adress too.

Snowdem is an egoist who think that nobody should be spyed because he never have been raped by a pedophile / he doesn't have much empathy. This dude is doing nothing helpful for the humanity, before him we already knew "everything" about what he leaked  Wink At least about the surveillances (what seems to be his most "important revelation", as a lot of people i laughed so hard when i heard that)

The guy who replied just before you and who talked about how the criminals could use our informations is totally right, but you....  Roll Eyes constantly talking about the past and how the governement is the real problem but not biggest criminals. Please talk to me about 1945 and the prehistory.

I'm stopping here.


ps: i'm not english at all, just trying to share my science despite the fact that this world is full of believers sharing their story / talking about how we all had shit in our pants 10 or 10000 years ago.



legendary
Activity: 2268
Merit: 18748
It is difficult to decipher the actual meaning behind what you are writing.

If everybody is spying everybody we would know what your government want to do wrong or not, your president / government doesn't have an unlimited power.
The government is spying on everybody. Did you not read about Snowden and the NSA leaks? And most big corporations like Google and Facebook are assisting them, as are most centralized exchanges. If you complete KYC at a centralized exchange, then at some point the government will get their hands on your trading history and all your linked addresses. And they might not have unlimited power, but they certainly have an awful lot of it. Have a read about "indefinite detention" and "forced disappearance", both of which the US government take part in.

a military killing innocent people with a drone is also a member of the people
And who do you think orders those drone strikes? Or keeps ordering the military in to a variety of countries around the world, for that matter?

your government is not always award of each little decisions that must have been taken in few seconds or minut on a warzone.
I'm obviously not talking about heat-of-the-battle split second decisions. I'm talking about a pattern of behavior over years and decades of detaining/torturing/murdering innocent people.

Tortured innocent people, by who ?
By government sanctioned programs and facilities. Guantanamo bay tortured people for years, with the majority of people there eventually being released without charge. Or what about the Abu Ghraib prison? Or the Bagram facility? Or Khalid El-Masri? Or the years of "enhanced interrogation techniques"?

Still, we are going off topic here. My underlying point is the government is not your friend. They are spying on you, they are using blockchain analysis technology and methods, and they can not be trusted to act fairly or even legally. Completing KYC is giving the government a free pass in to all your financial dealings with bitcoin.

KYC is always a risk.
sr. member
Activity: 535
Merit: 267
Really? You mean like the thousands of innocent people the police have killed in the US? Or the thousands of innocent civilians we have drone striked? Or maybe when our government performed human experimentation and torture on innocent people? Hell, we've even arrested people for giving food to homeless people. And we are supposedly one of the most "developed" and "civilized" countries in the world. Ha.

If everybody is spying everybody we would know what your government want to do wrong or not, your president / government doesn't have an unlimited power.

You are talking about people killing people, a police officer is a member of people, a military killing innocent people with a drone is also a member of the people (you written "we" so it includes the people and you are aware of it)
And some time because of the terrorists yes there are collateral damages, not everytime because of the terrorists that's true but who take the decisions ? think twice before publishing your comments, your government is not always award of each little decisions that must have been taken in few seconds or minut on a warzone. I was thinking like you when i was 15-18 to be honest.

Some people are taking individual actions and they are even lying to your president or whoever they want, it's like you, you are lying to me in order to make your opinion/belief more valuable and this is the biggest problem today in our world because most people are acting like you, we do not need belief but science. Some governments are acting like you, some other aren't but they are a bit pretentious and bad in science so they are not taking good decisions and anyway it's not always easy for all of them.

Tortured innocent people, by who ? cartels ? gangsters ? girls tortured by blake jacob the rappist who got 7 shots in the back ? by the nazi ? by few people in the US army who aren't representing the whole government ? Dude, a bit of honesty, we live in a world of chao don't add some.

I'm talking about improving your world.

Ps: most people are eating animals while they can evolve to eat vegetarian, of course they aren't innocent at all.

As a software and game engineer, KYC is very helpful to lifeban cheaters and make them cry  Smiley
That isn't why its implemented though. Its implemented because its often a government requirement. Gambling websites usually have a similar sort of system in place, where you can only deposit/withdraw large amounts once you have verified your identity.

I'm not even sure how someone could cheat on an exchange.

As a software and game engineer, KYC is very helpful to lifeban cheaters and make them cry  Smiley
No, not all of us are claiming that identity theft is a massive issue. Although, it definitely is an issue so we can't ignore that, but a proper exchange or any service for that matter should be storing this kind of information off the server, rather than live.

We are saying that users of these platforms should be thinking more about their privacy, and should be valuing it more. The fact that, selling on data is a lucrative business, is something we have all probably become aware of in modern times. How many times, have you received a spam phone call? Now, sometimes this might be by random, and the caller is doing a brute force approach, but often it can be because someone has sold on the data.

(it's not that hard to steal people ID cards and documents without internet, it's very easy... no need to hack a database,  it's more easier to break your door or pockets than most servers over internet)
Ignoring the difficulty of this, which I don't believe is easy either online or offline. The fact is, when your data is compromised on the internet, its likely not just your details which have been compromised, but thousands or even millions of users, which makes it a lucrative business. You might be right that a physical theft might be easier, but you're probably going to leave a trace if you aren't a Ninja. On the internet, there are ways of concealing your identity, things like Tor are probably used by criminals frequently, and that's probably why there are rumours that the government also host exit nodes, to catch them.

However, to get to my original point. Lets just assume your statement is correct, that doesn't mean we should just ignore the very real fact that servers, and data get compromised a lot more on the internet, this is simply because; its a larger target area. You likely, only know around <100 people that know your real life address, and most of them and won't be interested in criminal activities, but on the internet someone doesn't personally need to know you, they just need to know where the service stores their data. They don't need any personal connection to you, and thus there will be more malicious users, trying to steal data, than in a physical way. So, while it might be easier to get this information locally, there are far more people trying to compromise your data online, and therefore the chances of significantly more than in person.

You guys obviously don't know anything about security and programming, you may be an engineer in toilet paper.
Well, the original point of the thread has nothing to do with programming. Plus, the cheating aspect you bring up seems to be more likely to be encountered in online gaming, rather than a cryptocurrency exchange. Even then, they don't require KYC. So, if I was going to counter your argument of "anti cheat", then it would be many successful games filter out most of the cheaters without introducing KYC.

Besides security, and privacy are similar, but aren't the same. You don't need to know programming to understand what is, and isn't a privacy breach. Same as, you don't actually need to know programming to understand what is secure, and what isn't. In a work place, you usually have someone come up with the ideas of security implementation, via a simple, but concise explanation, and are usually referred to as a design plan. The expect one person, to come up with a sophisticated security implementation is, rather unrealistic. Most security matters are developed by many people, due to the complex nature or they are simply using existing libraries.

Securing any system, be it online or a local system is probably one of the most complex jobs in programming. Just think, how many bugs you have programmed in your life, well they might have not meant anything on the grand scheme of things, but in a security aspect they could potentially be exploited, so any security implementation is usually extensively reviewed.  

You being a software engineer, doesn't necessarily confirm you understand the programming aspects of security either. Software engineer is such a broad term, and might mean you've actually never touched any of the security aspects of a program or one that an exchange might use, and to what level. Especially true, if you work within a team, and aren't doing it alone as you usually cover a certain part of the code. For example, you might be responsible for the verification aspect of emails, or the system which extracts the ID from the live server, removes it, and then deposits it somewhere else.

I couldn't possibly claim to know every aspect of security, that would just be absurd. Its why as companies we bring in experts in a particular field, and look for people with experience in a particular thing. Satoshi did a brilliant job, and is considered a genius within the field by many or if not a genius definitely a pioneer, but there was still bugs, vulnerabilities, and other exploits within his code. It definitely wasn't perfect, and anyone claiming to have a perfect system, is likely either lying directly or knowingly trying to mislead others to thinking that as you could never be 100% sure.

Like seriously, if you take a look at most companies out there, they've been exploited, hacked or breached. Google who employ top level people within the field for a lot of money, Bitcoin, Facebook, Microsoft, and this forum. They've all been compromised at some point, even when they have multi millions going into security. So, to go back to the original point you should be wary of putting your personal information anywhere let alone places where their security budget is lower than average.





I'm not talking about exchanges / gambling websites but e-sport.

For the rest, i already know because i'm involved into defensive and offensive security since more than ten years, so it's not new, doxing cheaters and criminals is not as bad as you can think.

The KYC is evolving as the ID Card and all the rest, we shouln't stop KYC but improve it.

We can already get your adress by hacking tons of e-commerce database and it will probably be always the case.

"Well, the original point of the thread has nothing to do with programming. Plus, the cheating aspect you bring up seems to be more likely to be encountered in online gaming, rather than a cryptocurrency exchange. Even then, they don't require KYC. So, if I was going to counter your argument of "anti cheat", then it would be many successful games filter out most of the cheaters without introducing KYC."


Of so you don't know anything about what you are talking about, you don't know anything about programming and gaming dude, otherwise you wouln't tell such bs. Show me the game Wink You are getting merit by lying ahah.  Grin

Guys, stop saying bs when you aren't game software engineer.


"So, if I was going to counter your argument of "anti cheat", then it would be many successful games filter out most of the cheaters without introducing KYC."  Grin

Explain it technically and show me the games  Wink You don't know what you are talking about, you don't deserves your merits points. It's crazy.

The only games that can be protected at 100% are the gambling games because the players don't have enough controls to cheat, he only have to randomly choose something and the server are taking all the decisions (it can be vulnerable only if it's not well coded)

At the moment with our human technologies we cannot protect all the games especially the FPS.

Don't publish a comment about computer security when you are working at walmart dude.

"Merited by Foxpup (4), o_e_l_e_o (2), DdmrDdmr (1), ChuckBuck (1)" all those guys must be very bad at computer security.

Don't want to be harsh but you are clearly dispectful by lying like that just to defend an opinion. Guys, be honest, you are right on a lot of things but damn... don't talk too much like that when you don't know the reality.

By the way, if the games are on a webbrowser you cannot load an anti-cheat on the OS, we have to work with AI that can be bypassed if the cheaters start to understand the algorithms / how it works (and in the OS we can bypass it too because the hardware are not well protected and the OS too)


In one sentence you proved that you don't know anything about security and so i close the debate. That said, i respect the fact that you may want to improve this world and the peace as much as possible.

Don't even try to talk computer security/science with someone if you are a believer sharing beliefs. 2 comments full of beliefs with fake technicals informations. It's not helpful for anyone to continue a debate in this condition, more when those who receive the merits points are lying/talking without studying and experiencing before.
hero member
Activity: 2268
Merit: 588
You own the pen
The problem is that we have no choice when they require us to pass verification. All conducted IDO require passing KYC and if you do not agree with this requirement, then you need to refuse to participate in the public sale of tokens. But some campaigns require verification even before you hit the whitelist. Thus, it is not yet known whether you will receive your coins or not, but you must pass the verification. Such moments should be avoided.

Submitting KYC in the bounty campaign is the most dangerous thing you can do with your personal information since there is no guarantee that they will gonna keep it privately or not. some of the centralized exchange demands it in order for you to trade and to withdraw your money from their platform. I read some of the participants of bounties have been forced to submit their personal information so that they will able to get their rewards from those exchanges. if they don't submit anything, they won't be able to withdraw anything.
hero member
Activity: 1372
Merit: 783
better everyday ♥
Every time you get in a car you take a risk. Doesn't mean you should drive with your eyes closed.
but if you have risked too many times, it will become a habit, and you will no longer feel so afraid, until disaster strikes. If KYC becomes a habit when using centralized exchanges, many people will probably do KYC everywhere, which is a really dangerous thing.

You won't be saying that when your identity is stolen and you end up on the hook for $50,000 in debt and credit cards you didn't open. You won't be saying that when someone links your identity to being an active bitcoin trader and shows up at your house to steal your bitcoin. KYC is always a risk.
he won't be afraid until he encounters something bad from his identity being revealed, those who don't know will never be afraid  Cheesy

You have absolutely no idea where your information ends up and who has access to it after you complete KYC.
I think we have a simulation process. we do KYC, identity is revealed on that platform, then it is passed to a third party for verification, third party will probably store it in some cloud, cloud data providers may use and analyze such data for their own purposes, eventually, data in the cloud can be leaked or hacked, it is moved to a new side, and a new loop can start. Up to 3 different parties capture our identity before it moves to the new round, and we don't know how many rounds our identity will be moved. In short, it's extremely dangerous!

Not correct. I have never completed KYC and I trade between fiat and bitcoin regularly via peer to peer trades on platforms like Bisq.
great that you have a good P2P platform to use, where I live P2P platforms still require KYC for buyers  Undecided

You guys obviously don't know anything about security and programming, you may be an engineer in toilet paper.
Well, the original point of the thread has nothing to do with programming. Plus, the cheating aspect you bring up seems to be more likely to be encountered in online gaming, rather than a cryptocurrency exchange. Even then, they don't require KYC. So, if I was going to counter your argument of "anti cheat", then it would be many successful games filter out most of the cheaters without introducing KYC.
If it were me, I would ignore comments like that, because it doesn't go right to the point we are discussing, this guy also shows no respect for us through the use of words
staff
Activity: 3304
Merit: 4115
We know that that doesn't happen though. Not only do they store your information online, but they send it over the internet to third parties for verification, processing, storage, etc. You have absolutely no idea where your information ends up and who has access to it after you complete KYC.
Absolutely, that's the harsh reality is that the companies that you are giving your data to aren't looking after them like you would expect. They use third parties which they define in their terms of services, but those third parties might not even have any policies set out to protect your data. Then, I have no doubt that some companies are also breaking their own terms of service, and it would be hard to prove.

In the modern times, we give up our data super easily, and being able to track who is selling it on can sometimes be difficult. One tip that I've seen mentioned is to sign up to websites that handle your personal data, is just to use a throwaway email. Although, most of us don't check these throwaway emails, and that means you might miss something important, so personally I would recommend signing up to services with [email protected] that way if your data gets sold on, and you start to receive spam emails, then you know that at least some of your data has been sold on.

Obviously, if you are not required to give up your information, and there are alternatives which allow you to keep your data safe, then absolutely always pick those over anyone that you might not be sure. For example, those that don't legally require KYC. As you mentioned, peer to peer.

To be able to lessen the risk of leaking information about yourself, always check whether the exchange or platform you want to join has credibility, and are not exposed to leakage of account before, KYC is being used all over the world it is the responsibility of the company to take care, or even leak the information or sell those to someone, we really don't know what will happen in the future since hackers have their ways to get it.
Sure, although that isn't based on anything concrete. Its hard to prove who sold your data on or when it can be stolen by malicious users. So, it is better to avoid putting that information out there if you can find a good alternative for you.
legendary
Activity: 2268
Merit: 18748
Some people will go through the verification steps as soon as they create an account on an exchange, I think it's a habit.
Any centralized exchange can lock your account and demand KYC at any time. If you don't care about completing KYC, then you might as well just do it to prevent your account being locked in the future.

Data breach can happen anywhere in this world online or offline it doesn't matter so living this life is already a risk
Every time you get in a car you take a risk. Doesn't mean you should drive with your eyes closed.

and if data breach happens I don't care
You won't be saying that when your identity is stolen and you end up on the hook for $50,000 in debt and credit cards you didn't open. You won't be saying that when someone links your identity to being an active bitcoin trader and shows up at your house to steal your bitcoin. KYC is always a risk.

but a proper exchange or any service for that matter should be storing this kind of information off the server, rather than live.
We know that that doesn't happen though. Not only do they store your information online, but they send it over the internet to third parties for verification, processing, storage, etc. You have absolutely no idea where your information ends up and who has access to it after you complete KYC.

you can only escape KYC verification if you don't need Fiat
Not correct. I have never completed KYC and I trade between fiat and bitcoin regularly via peer to peer trades on platforms like Bisq.
sr. member
Activity: 1106
Merit: 310
To be able to lessen the risk of leaking information about yourself, always check whether the exchange or platform you want to join has credibility, and are not exposed to leakage of account before, KYC is being used all over the world it is the responsibility of the company to take care, or even leak the information or sell those to someone, we really don't know what will happen in the future since hackers have their ways to get it.
member
Activity: 375
Merit: 15
$CYBERCASH METAVERSE
Sooner or later you can't do without KYC in crypto space, I used to avoid KYC by all means but things turn around when the only platform I used for crypto to Fiat exchange starts demanding for KYC, you can only escape KYC verification if you don't need Fiat
staff
Activity: 3304
Merit: 4115
As a software and game engineer, KYC is very helpful to lifeban cheaters and make them cry  Smiley
That isn't why its implemented though. Its implemented because its often a government requirement. Gambling websites usually have a similar sort of system in place, where you can only deposit/withdraw large amounts once you have verified your identity.

I'm not even sure how someone could cheat on an exchange.

As a software and game engineer, KYC is very helpful to lifeban cheaters and make them cry  Smiley
No, not all of us are claiming that identity theft is a massive issue. Although, it definitely is an issue so we can't ignore that, but a proper exchange or any service for that matter should be storing this kind of information off the server, rather than live.

We are saying that users of these platforms should be thinking more about their privacy, and should be valuing it more. The fact that, selling on data is a lucrative business, is something we have all probably become aware of in modern times. How many times, have you received a spam phone call? Now, sometimes this might be by random, and the caller is doing a brute force approach, but often it can be because someone has sold on the data.

(it's not that hard to steal people ID cards and documents without internet, it's very easy... no need to hack a database,  it's more easier to break your door or pockets than most servers over internet)
Ignoring the difficulty of this, which I don't believe is easy either online or offline. The fact is, when your data is compromised on the internet, its likely not just your details which have been compromised, but thousands or even millions of users, which makes it a lucrative business. You might be right that a physical theft might be easier, but you're probably going to leave a trace if you aren't a Ninja. On the internet, there are ways of concealing your identity, things like Tor are probably used by criminals frequently, and that's probably why there are rumours that the government also host exit nodes, to catch them.

However, to get to my original point. Lets just assume your statement is correct, that doesn't mean we should just ignore the very real fact that servers, and data get compromised a lot more on the internet, this is simply because; its a larger target area. You likely, only know around <100 people that know your real life address, and most of them and won't be interested in criminal activities, but on the internet someone doesn't personally need to know you, they just need to know where the service stores their data. They don't need any personal connection to you, and thus there will be more malicious users, trying to steal data, than in a physical way. So, while it might be easier to get this information locally, there are far more people trying to compromise your data online, and therefore the chances of significantly more than in person.

You guys obviously don't know anything about security and programming, you may be an engineer in toilet paper.
Well, the original point of the thread has nothing to do with programming. Plus, the cheating aspect you bring up seems to be more likely to be encountered in online gaming, rather than a cryptocurrency exchange. Even then, they don't require KYC. So, if I was going to counter your argument of "anti cheat", then it would be many successful games filter out most of the cheaters without introducing KYC.

Besides security, and privacy are similar, but aren't the same. You don't need to know programming to understand what is, and isn't a privacy breach. Same as, you don't actually need to know programming to understand what is secure, and what isn't. In a work place, you usually have someone come up with the ideas of security implementation, via a simple, but concise explanation, and are usually referred to as a design plan. The expect one person, to come up with a sophisticated security implementation is, rather unrealistic. Most security matters are developed by many people, due to the complex nature or they are simply using existing libraries.

Securing any system, be it online or a local system is probably one of the most complex jobs in programming. Just think, how many bugs you have programmed in your life, well they might have not meant anything on the grand scheme of things, but in a security aspect they could potentially be exploited, so any security implementation is usually extensively reviewed.  

You being a software engineer, doesn't necessarily confirm you understand the programming aspects of security either. Software engineer is such a broad term, and might mean you've actually never touched any of the security aspects of a program or one that an exchange might use, and to what level. Especially true, if you work within a team, and aren't doing it alone as you usually cover a certain part of the code. For example, you might be responsible for the verification aspect of emails, or the system which extracts the ID from the live server, removes it, and then deposits it somewhere else.

I couldn't possibly claim to know every aspect of security, that would just be absurd. Its why as companies we bring in experts in a particular field, and look for people with experience in a particular thing. Satoshi did a brilliant job, and is considered a genius within the field by many or if not a genius definitely a pioneer, but there was still bugs, vulnerabilities, and other exploits within his code. It definitely wasn't perfect, and anyone claiming to have a perfect system, is likely either lying directly or knowingly trying to mislead others to thinking that as you could never be 100% sure.

Like seriously, if you take a look at most companies out there, they've been exploited, hacked or breached. Google who employ top level people within the field for a lot of money, Bitcoin, Facebook, Microsoft, and this forum. They've all been compromised at some point, even when they have multi millions going into security. So, to go back to the original point you should be wary of putting your personal information anywhere let alone places where their security budget is lower than average.



member
Activity: 420
Merit: 13
$CYBERCASH METAVERSE
Data breach can happen anywhere in this world online or offline it doesn't matter so living this life is already a risk, I trust top exchanges with my identity information and if data breach happens I don't care, it's been like 2016 now that I've know about KYC and many exchanges have gotten hacked since that time or even before and till date KYC safety remains a mystery
hero member
Activity: 1372
Merit: 783
better everyday ♥
KYC will never be guaranteed safe forever because we never know where, when and for what it is used by irresponsible people when customer documents on a platform are leaked.
that's why I insist that we shouldn't do KYC unless absolutely necessary, although no KYC is the best way. I personally wouldn't do KYC when an exchange requires it, I will change and use another exchange, unless, I have some money there and they ask me to verify it so I can withdraw money, that's the only case where I feel that I need KYC.
Pages:
Jump to: