Topic: KYC requirement from ICOs will open up a whole news area of scam (Read 607 times)

The solution to the first problem is something that the market -- ie. ICO investors -- need to enforce. If people would actually demand proper documentation instead of simply throwing money at every shiny new project they see this problem wouldn't exist. No documentation, no funding. It could be easy as that, but fact of the matter is that most people don't really care all that much as long as there's a quick buck to be made.

Working out a common standard is a big pain and some company or the community leaders will have to take that initiative to work out a common ground. Being decentralized in nature, it will still have to face credibility issue similar to what we are facing now with ICOs. That's what the pain point is. We are OK to provide our KYC data if we are absolutely sure about the identity of the opposite party and his intention. This is hard to achieve.

It's a pity, that this is not what we'be been expected. At all.

I agree, but decentralized.  Get fiat/crypto conversion exchanges (that you already give your KYC anyway) to work together on a common KYC standard that they all benefit from and contribute to.

This is how I think it should be done.

Governments keeping the KYC data and ICOs asking for KYC data are two very different scenario. Government is the owner of your KYC data because they issue your ID cards, so they ask for it, it's normal because we are assured about its security. But when an ICO does the same, there is a concern because we don't know about the identity of the ICO owner, neither we are sure about the usage of those KYC data. Identity theft is a big crime and can lead anyone to a big mess.



These are signs of scam and unless someone have bought significant amount of tokens, they should accept the loss instead of trying to get the token by providing the KYC data. Because if a company is not upfront with their communication, they don't have any business ethics. They are likely to mess up big time at any point of time. So your investment will be gone in any ways. 

We need to have services like Jumio or Onfido in this field. Where the investors will verify their identity and get an ID number. Now they can pass on that ID number to the ICO companies they are investing. The ICOs will be assured about the identity of that person but will never have the documents in their hand. That is one solution that I can see to overcome the KYC risk as of now.

Changing the rules after the game is wrong. For me it is a sign of a Scam. Probably the tokens of such ICO will not have prices. So you won't lose much if they don't give you tokens. But it seems to me that the duty to fight crimes is the duty of the state. ICO and cryptocurrencies don't have to accept the rules of this dirty game. KYC rules should not be accepted in the cryptocurrency community.

Experienced it in the past, before they say that immediately after the TGE happens everyone who bought in their ICO will receive their tokens. But after the TGE happens they announced in their website as well as their Telegram group that they will instead manually distribute their tokens which they are now requiring KYC, this is a really big catch in which they have not announced it earlier. Basically what happens is they are trapping you with only one choice as if you don't give your information and necessary requirements they are talking about you wouldn't receive your tokens you have bought from them.

I think the very first argument is something you just can't accept. I understand cryptos have that basic idea of anonymity and all but still whatever you say it doesn't really has the capability to turn the whole empires. You can expect cryptos to be used in normal day to day procedures but obviously government wants your data to keep every kind of control on you. The second point is just the biggest argument against this KYC scheme. There is probably no security measure that ICO owners take to keep a check on the security of KYC data so its a big concern.

That's exactly what I have mentioned in the point number 3. I have seen ICO bounties are not upfront about their requirement of KYC documents. I am active in few bounties and till date I didn't face any issue about the KYC. I always join the telegram group of the ICO and ask the admin of the group about the KYC requirement of the bounty participants. I only join the bounty after I get confirmation from the admin about the KYC requirement. Till date I have seen a very few ICOs are asking KYC from their bounty participants. Majority of them are not asking for KYC from the bounty participants. So it is somewhat OK as of now.


Lol! So you know how it feels when your identity data is misused by someone unauthorized. That's exactly I am trying to say to the community. Since you are from USA, you must be knowing that SSN data has an underground market. A lot of offshore call centers are associated in buying and selling of KYC data of USA people. But when it comes to ICO, no one is sure about their identity and the future usage of your KYC data. Till date, I have't seen a big scam surfaced from the ICO market on KYC data, but it may happen in future. So it's better to take precaution. 

I had created a POLL on that issue...it's very interesting what people think: give personal info or not to the start-up during ICO.
Participate too: https://bitcointalksearch.org/topic/vote-do-you-participate-in-ico-that-requires-kyc-your-personal-data-3105224

Yes, I agree that KYC information after you've performed work for them by participating in a bounty campaign or other promotional effort is outrageous.  Sounds like they're just looking for a reason to say you failed KYC and deny you the earned bounty.  I am concerned about the exchange of any unnecessary information whatsoever.  If an ICO is doing KYC I can understand that, especially given the current regulatory mess.  However, if they need to do that on bounty participants they should state that up front and do it in advance.

I've had my identity stolen twice in my life and it is not fun to say the least.  One time was, unfortunately, an ex-girlfriend, which I suppose I could have prevented though I had no way to know she'd turn out how she did.  The other person was apparently a federal prisoner and I only found out because the IRS put a hold on my tax filing because they'd already processed one from someone else with a return address of some prison in Arizona! (I live in New Jersey.)  Now I have to go through extra measures every year when I file my taxes, but I guess it's "for my protection".

Doesn't make me like the IRS any better, lol.

Best regards,
Ben

The requirement to pass the KYC test from the ICO companies is really a big problem for investors in such ICO campaigns, as well as for the participants of the generosity campaign. Of the 902 ICO campaigns conducted last year. about a third turned out to be fraudulent. This means that if these ICO companies demanded the provision of certain identification data and copies of passports to investors and bounty hunters, these persons transferred them directly to criminals. The problem is that nobody checks the participants of these companies and they try to collect such personal data. This is in any case wrong.

A serious problem is that. that ICO companies are beginning to require the provision of identifying information and copies of documents to the signatory campaign participants at the stage when the ICO campaign has already ended and it is necessary to pay counted tokens. After presenting such requirements to the participant of the signature campaign, there is no longer any right to provide such data or not. If they refuse to provide them, they simply do not pay the earned tokens. I believe that such requirements are presented at this stage in order not to pay out parts of the campaign to the signatures of the tokens they counted and then assign them to themselves. Practically this is a common fraud.

It should really be confidential but the big question is,if those companies asking documents are legit ones? or they would keep those documents in private and secured.If we do sent out any documents to other parties then we are not really assured that they wont leak out.For all investors out there where engage into ICO that do require it better to be careful on sending out informations towards your identity.Just submit those thing on your own risk,if you cant then don't invest to them.

You right. It should be decentralised BIG board of independent people who can confirm the identity of every new person.
For example, a person who wants to be verified (and pay for that 10 tokens)-> put request into the system with time and place when he want to present its original docs->> the system automatically figures out the nearest ALREADY verified people and offer them 9 tokens for the completing verification of that person (come to the predefined place and time). smith like that-)

There's a risk when we give out personal information to an ICO however it should still be part of the process. It would be truly chaotic if the ICO is an information phishing scam because the information they have gathered may be used against you. Investors must have some user protection upon submitting the KYC requirements. Having KYC requirements may be attempts to avoid money laundering or tax evasion but the investors should have protection along with it.

The ideal scenario is that a business you already trust, such as your fiat/crypto converter, has performed KYC as a part of your account onboarding with them.  Then they could participate in this pool and they would be the place you already trusted.  The data itself would be decentralized and in the custody of that business, acting as a KYC trustee. 

Working out some details related to different KYC jurisdictions.  Also have to sketch out under what conditions the information would be released, such as judicial order, etc.

KYC goes both ways in some sense.  Personally, I hope it eventually goes away entirely, or nearly entirely, but while it's necessary, I'm trying to find a way to comply that is as easy as possible for everyone involved and balances privacy issues.

I'm looking at Visa's model, they require KYC be done by banks in order to issue certain products as well as for merchant processing services.  They have to deal with different KYC requirements all over the planet.  I'm applying to that the FinCEN guidance on KYC but making it a more even system.

I also believe that ICOs should have to do KYC type verification so that you know who you're investing in.  The other day there was an ICO people were memeing on Twitter that used Ryan Gosling's picture as one of their team members.  That crap has to stop.

Best,
Ben

Document provided in ICO's for KYC completion may create some chaos if the ICO Team is fraud. We should never share our official documents on any open platform for KYC like telegram etc as it may create more problems for us. We should always submit the documents as per the process decided by the co. which is usually confidential.

After the appearance of such a regulator, the basic rule will be violated is decentralization. Very bad intentions can be concealed under a good pretext. Money and power spoil people. Who can guarantee that this body will not eventually turn into a repressive apparatus? I think I need another solution to this problem.

That's the plan.  Though it's not "one" entity in that it's a centralized point.  It's the one entity that YOU trust, which may not be the same as the entity that I trust.  All of the entities will be following the same rules for KYC, in federation essentially.  I don't want it to be a single, solo entity because that gives them too much power and control.  But sure, a few leaders that have earned trust for safeguarding the information would be the probable result.  But there's nothing stoping a new entity from coming into the field.

I have this on the drawing board, I want to make something of it.  I believe it would have great utility across the crypto field, and I've spoken to attorneys that believe if it was designed in the right way it would be fully legal and compliant.

Best regards,
Ben

Yes, it would be great if only one entity had request KYC info from a user with periodical updating and then share that info with another entities authorised by a user to share such personal info. It would safe a lot of money for the crypto industry and speed up its growing.

Such 'one' entity could focus only into the protection of that data.