Topic: Why KYC is extremely dangerous – and useless - page 2. (Read 5843 times)
The issue here is the employee correct?
Hi @1miau, This is an important and useful topic and I would like to translate this to Urdu language for my Pakistani community. May I ?
HelloI'll quote my text from the OP here:
Reserving new translations is currently not available.
Unfortunately, officially reserving translations it not available currently due to previous abuses mentioned in Meta. Many thanks for your time and dedication to deliever a translation for our Nigerian local board. 
After officially approving it, I've added your translation to my list now:
KYC is staying a hot topic and to be aware how dangerous KYC can be is of very high importance.
Well done.
Thank you so much 1miau. I'm overwhelmed by the responses from my local members, especially the newbies, as some of them did not know the danger KYC poses. Your article is amazing and indeed an eye-opener. With the message conveyed, I believe most persons will have a rethink, whenever asked to perform KYC on any centralized exchanges or services.After officially approving it, I've added your translation to my list now:
KYC is staying a hot topic and to be aware how dangerous KYC can be is of very high importance.
Well done.
So, I'm also appreciating your effort very much for bringing this topic to your local board members.
That's a big part of sharing our knowledge.
Hi @1miau, This is an important and useful topic and I would like to translate this to Urdu language for my Pakistani community. May I ?
Many thanks for your time and dedication to deliever a translation for our Nigerian local board.
After officially approving it, I've added your translation to my list now:
KYC is staying a hot topic and to be aware how dangerous KYC can be is of very high importance.
Well done.
Thank you so much 1miau. I'm overwhelmed by the responses from my local members, especially the newbies, as some of them did not know the danger KYC poses. Your article is amazing and indeed an eye-opener. With the message conveyed, I believe most persons will have a rethink, whenever asked to perform KYC on any centralized exchanges or services.After officially approving it, I've added your translation to my list now:
KYC is staying a hot topic and to be aware how dangerous KYC can be is of very high importance.
Well done.
@Sokani, I made a similar comment in your translated post in our LB, there I narrowed my enquiry to our peculiarity in such as restriction on cards on FX and others. I will be happy to get a response there as well because many people might run into scam platforms trying to evade KYC, you should know how that will end.
Already responded on the LB. Sadly, scams are one of the challenges of P2P trades, but it's still the best and safest opinion. 
When your translation is ready, feel free to post a link here and I'll update my list.
Your effort is much appreciated.
Your effort is much appreciated.
Translation is ready
https://bitcointalksearch.org/topic/why-kyc-dey-extremely-dangerous-and-usesless-5477931
Those that will suggest DEX, is there any way to convert fiat to crypto and vice versa? At the point of entry and exit, you will be required to pay with card or do wire transfer, both of which are KYC'd, by so doing, have you truly beat the KYC process?
@Sokani, I made a similar comment in your translated post in our LB, there I narrowed my enquiry to our peculiarity in such as restriction on cards on FX and others. I will be happy to get a response there as well because many people might run into scam platforms trying to evade KYC, you should know how that will end.
When your translation is ready, feel free to post a link here and I'll update my list.
Your effort is much appreciated.
Your effort is much appreciated.
Translation is ready
https://bitcointalksearch.org/topic/why-kyc-dey-extremely-dangerous-and-usesless-5477931
Many thanks for your time and dedication to deliever a translation for our Nigerian local board.
After officially approving it, I've added your translation to my list now:
| Language | translated by | Title |
| ___________________________ | _____________________ | _______________________________________________________________________ |
| Nigeria (Naija) | sokani | Why KYC dey extremely dangerous – and usesless |
KYC is staying a hot topic and to be aware how dangerous KYC can be is of very high importance.
Well done.
When your translation is ready, feel free to post a link here and I'll update my list.
Your effort is much appreciated.
Your effort is much appreciated.
Translation is ready
https://bitcointalksearch.org/topic/why-kyc-dey-extremely-dangerous-and-usesless-5477931
Hello @1miau, I find this topic of your very interesting and I'd like to do a pidgin translation.
Hello, sokani Yes, you can translate my topic and I've already reserved your translation in my list:
| Language | translated by | Title |
| ___________________________ | _____________________ | _______________________________________________________________________ |
| Nigeria (Naija) | sokani (reserved) | reserved |
When your translation is ready, feeld free to post a link here and I'll update my list.
Your effort is much appreciated.
Hello @1miau, I find this topic of your very interesting and I'd like to do a pidgin translation.
In oppsite, on centralized exchanges we don't interact with anyone, the centralized exchange is managing everything.
The problems of centralized exchanges are different disadvantages compared to (semi) P2P trade sites like Bitcoin.de.
Centralization 3rd party / loss of funds when getting hacked etc.
I learned this phrase which just matches all too good for anything crypto related, and I turned it into a mantra which — no shit — has kept me mostly safe in Cryptoland for years: "There is no free lunch."The problems of centralized exchanges are different disadvantages compared to (semi) P2P trade sites like Bitcoin.de.
Centralization 3rd party / loss of funds when getting hacked etc.
While its original meaning slightly differs from this, I think it also applies here: at the end of the day, you have to decide which risk you prefer; there is no way without any risk involved:
- P2P trading: counterparty risk / risk of physical harm and potentially death
- CEX trading: risk of exit scam, hacks, KYC loss / misuse / extortion by the exchanges themselves
- marketplace trading: risk of harassment by authorities if you happen to trade with a criminal / counterparty uses a hacked bank account
- DEX trading: risk of loss of funds — hackers and scammers are not as dumb as they used to be, and keeping up with security is a tedious, neverending task. Also, this option lacks ways to convert from / to fiat money
As experienced people, it's much easier for us, how to assess such risks but still, we can't know everything, too. Learning is a constant process and especially with technologies moving forward, there'll be other challenges coming up. Crypto is moving quickly. For example just comparing MEW (MyEtherWallet) from today's version to what it has been in their early days. It's completely changed, but worse (in Germany we say "Verschlimbessert"
). I'm missing their straigt forward design and functions from pre 2018, it's a completely profit oriented concept right now. Security functions removed for targeting I'm still using MEW's pre 2018 versions offline and it's working very well, nothing compared to their bullshit updates.
I've had situations in category 2 and 3: I once lost ~USD 30.000 because an exchange kept my funds hostage, trying to force-KYC me without giving me the option to withdraw my funds and part ways in peace. It was a rather new Chinese exchange I was trying to sell mined coins on (pretty ridiculous to demand KYC + source of funds on mined coins, and they knew the coins were mined but still kept up that excuse for locking my account, which was a red flag), and when it became clear that I'm not gonna get back my money, I started publicly ruining any potential reputation they might have gained in the future until they closed shop for good.
Yeah, that really sounds like scamming on purpose to increase profits for the exchange (as an additional revenue for the exchange 
). I'm not an expert for exchange fraud but we've seen this from Bounties here on Bitcointalk not paying out promised rewards, exactly for the same reasons.
So, eventually, the risk can only be shifted, and an actual reduction of risk goes along with less features (which makes sense: do less things → have less exposure to risks involved with things) or a reduction in comfort. The best way to pick one's option is probably to know your strengths, the risks involved (and what danger they pose to oneself) and adapt strategies accordingly.
+1For every move, there are risks involved.
Is it woth buying a shitcoin to make a quick buck or will it be a rug pull / pump and dump?
Do I really need to hold my coins on an centralized exchange to trade / buy / sell quickly, risking my coins being frozen / hacked or should I go for an easy HODL in my own wallet?
It's really important to make a wise decision here. For me it better safe than sorry.
Edit: @ 1miau posted at 2:45 am – it's hard to get to sleep, right? So calm at night, nobody bothers you with random things... almost worth being tired next morning 
Yes, you are right indeed. It's like travelling with Deutsche Bahn. Avoid the rush hour.
I learned this phrase which just matches all too good for anything crypto related, and I turned it into a mantra which — no shit — has kept me mostly safe in Cryptoland for years: "There is no free lunch."
While its original meaning slightly differs from this, I think it also applies here: at the end of the day, you have to decide which risk you prefer; there is no way without any risk involved:
I've had situations in category 2 and 3: I once lost ~USD 30.000 because an exchange kept my funds hostage, trying to force-KYC me without giving me the option to withdraw my funds and part ways in peace. It was a rather new Chinese exchange I was trying to sell mined coins on (pretty ridiculous to demand KYC + source of funds on mined coins, and they knew the coins were mined but still kept up that excuse for locking my account, which was a red flag), and when it became clear that I'm not gonna get back my money, I started publicly ruining any potential reputation they might have gained in the future until they closed shop for good.
Bad marketplace experience (some know about my thread about this ^^) was a trade with someone using a compromized / stolen bank account, with police showing up at my door, harassing me and my family. This kind of risk can be reduced a bit e.g. by only selling to known, reputable users, for example market makers with a registered company which can be held liable in case of any issues.
So, eventually, the risk can only be shifted, and an actual reduction of risk goes along with less features (which makes sense: do less things → have less exposure to risks involved with things) or a reduction in comfort. The best way to pick one's option is probably to know your strengths, the risks involved (and what danger they pose to oneself) and adapt strategies accordingly.
Edit: @ 1miau posted at 2:45 am – it's hard to get to sleep, right? So calm at night, nobody bothers you with random things... almost worth being tired next morning
While its original meaning slightly differs from this, I think it also applies here: at the end of the day, you have to decide which risk you prefer; there is no way without any risk involved:
- P2P trading: counterparty risk / risk of physical harm and potentially death
- CEX trading: risk of exit scam, hacks, KYC loss / misuse / extortion by the exchanges themselves
- marketplace trading: risk of harassment by authorities if you happen to trade with a criminal / counterparty uses a hacked bank account
- DEX trading: risk of loss of funds — hackers and scammers are not as dumb as they used to be, and keeping up with security is a tedious, neverending task. Also, this option lacks ways to convert from / to fiat money
I've had situations in category 2 and 3: I once lost ~USD 30.000 because an exchange kept my funds hostage, trying to force-KYC me without giving me the option to withdraw my funds and part ways in peace. It was a rather new Chinese exchange I was trying to sell mined coins on (pretty ridiculous to demand KYC + source of funds on mined coins, and they knew the coins were mined but still kept up that excuse for locking my account, which was a red flag), and when it became clear that I'm not gonna get back my money, I started publicly ruining any potential reputation they might have gained in the future until they closed shop for good.
Bad marketplace experience (some know about my thread about this ^^) was a trade with someone using a compromized / stolen bank account, with police showing up at my door, harassing me and my family. This kind of risk can be reduced a bit e.g. by only selling to known, reputable users, for example market makers with a registered company which can be held liable in case of any issues.
So, eventually, the risk can only be shifted, and an actual reduction of risk goes along with less features (which makes sense: do less things → have less exposure to risks involved with things) or a reduction in comfort. The best way to pick one's option is probably to know your strengths, the risks involved (and what danger they pose to oneself) and adapt strategies accordingly.
Edit: @ 1miau posted at 2:45 am – it's hard to get to sleep, right? So calm at night, nobody bothers you with random things... almost worth being tired next morning
Nice post and I wonder which Chinese exchange that was!
I had the same situation with funds being kept hostage and it never ended well. But sometimes there was no other way around it. As you said when it comes to selling mined coins, it can be troublesome when it is not listed anywhere on a reputable exchange yet. Speaking of reputable, which exchange was even reputable in 2014? None of them could have built a history to trust in even if they wanted to. When I mined XMR in its very early beginning via AWS instances, there was no market for that coin. You could either go through tedious OTC trades on the forum, which is a nonstop back and forth sometimes and pricing is obviously subpar, or you decide to use this exchange that decided to be among the first to list it. I can't remember the name, damn it, but that was one time when my funds were kept hostage and not returned. In total it happened to me three times, but after the first time I became much more careful in terms of amounts I choose to deposit for trading and there was really only one time that was painful.
Now even if these scam exchanges request KYC, you almost instantly know that you could provide whatever documents they ask you to provide and it would change nothing. I guess in many cases they speculate that funds stem from illicit activities and therefore people refrain from providing KYC docs. But usually it is the other way around!
People don't provide KYC docs because they fear illicit activities on behalf of their personal data by the scam exchange operators. The system these scammers developed is quite sophisticated. In some cases have pretend to have some value proposition (for example, early listing of a new coin) that could make it seemingly worth it to deposit. They are grinding on the edge with their reputation such that you believe it could work out. Once you deposited and did some successful trades, you might be inclined to increase your deposit amounts. Out of a sudden, you are forced into the KYC procedure. You exactly know that you got scammed and there is no way out. There isn't even any recourse because you are afraid of data abuse and you can't call for help because you refuse to provide KYC data for a good reason in the first place.
Bottom line: better not touch centralized exchanges unless you absolutely have to! But the good thing is that the number of options besides CEX has increased significantly and also improved significantly.
Edit:
Edit: @ 1miau posted at 2:45 am – it's hard to get to sleep, right? So calm at night, nobody bothers you with random things... almost worth being tired next morning
I like that one! Quite some truth to it!
In oppsite, on centralized exchanges we don't interact with anyone, the centralized exchange is managing everything.
The problems of centralized exchanges are different disadvantages compared to (semi) P2P trade sites like Bitcoin.de.
Centralization 3rd party / loss of funds when getting hacked etc.
I learned this phrase which just matches all too good for anything crypto related, and I turned it into a mantra which — no shit — has kept me mostly safe in Cryptoland for years: "There is no free lunch."The problems of centralized exchanges are different disadvantages compared to (semi) P2P trade sites like Bitcoin.de.
Centralization 3rd party / loss of funds when getting hacked etc.
While its original meaning slightly differs from this, I think it also applies here: at the end of the day, you have to decide which risk you prefer; there is no way without any risk involved:
- P2P trading: counterparty risk / risk of physical harm and potentially death
- CEX trading: risk of exit scam, hacks, KYC loss / misuse / extortion by the exchanges themselves
- marketplace trading: risk of harassment by authorities if you happen to trade with a criminal / counterparty uses a hacked bank account
- DEX trading: risk of loss of funds — hackers and scammers are not as dumb as they used to be, and keeping up with security is a tedious, neverending task. Also, this option lacks ways to convert from / to fiat money
I've had situations in category 2 and 3: I once lost ~USD 30.000 because an exchange kept my funds hostage, trying to force-KYC me without giving me the option to withdraw my funds and part ways in peace. It was a rather new Chinese exchange I was trying to sell mined coins on (pretty ridiculous to demand KYC + source of funds on mined coins, and they knew the coins were mined but still kept up that excuse for locking my account, which was a red flag), and when it became clear that I'm not gonna get back my money, I started publicly ruining any potential reputation they might have gained in the future until they closed shop for good.
Bad marketplace experience (some know about my thread about this ^^) was a trade with someone using a compromized / stolen bank account, with police showing up at my door, harassing me and my family. This kind of risk can be reduced a bit e.g. by only selling to known, reputable users, for example market makers with a registered company which can be held liable in case of any issues.
So, eventually, the risk can only be shifted, and an actual reduction of risk goes along with less features (which makes sense: do less things → have less exposure to risks involved with things) or a reduction in comfort. The best way to pick one's option is probably to know your strengths, the risks involved (and what danger they pose to oneself) and adapt strategies accordingly.
Edit: @ 1miau posted at 2:45 am – it's hard to get to sleep, right? So calm at night, nobody bothers you with random things... almost worth being tired next morning
Poloniex was a pump and dump, bot manipulated shit place, but it was hot for some time. The Poloniex guys listed every shitcoin and managed to attract tons of volumes, which was the key to their success as you could trade everything with decent liquidity even if it was manipulated by bots (or because of that partially).
Exactly that. Such trading sites are often operated by shady people and even if they don't get hacked, we don't know at all where our personal data is sold. It's very common for these shady exchanges to make money from everything, even selling customer data on the darknet.
These trading sites are not regulated at all, often nobody knows who's behind them or where their headquarter is located. They will do nothing when our funds are lost as we won't have any chance to get our funds back.
And these shady operator know it.
They are just not liable for any fraud they are doing.
And here is one thing that 1miau is trying to get across: KYC is worthless because it doesn't even protect you on an officially registered, fully audited and authority controlled German exchange from being accused of engaging in illegal trading activities because another KYCed, shady party did a trade with you. What the heck is that? Really, this is beyond me because that is the maximum you can do. Go to a fully licensed, registered, legally acknowledged exchange with obligatory, extensive KYC and trade there. And still you get into unexpected trouble. That's a bad joke.
It's different here for Bitcoin.de as written above by allyouracid. Bitcoin.de isn't a centralized exchange and they are writing that on their site, too:
But I've tried to upload a picture of DOGE once for KYC, didn't work unfortunately. 
The system noticed that there is a discrepancy between the name "1miau" and the profile picture of a dog!
1miau is only existing online, so it can't be tied to any identity documents (besides its profile picture
). I read the post from allyouracid (German) and seriously, if it can happen on Bitcoin.de that you get accused of trading with someone who is involved in shady activities, holy Christ, how should I haver ever known with whom I traded on Poloniex? How can I even itel when I just use a buy/sell trading interface? That's ridiculous. It would be the same if you buy Applestock and it turns out one of the people who sold you Applestock is a drug dealer and the police knocks on your door because you, as a KYCed customer, bought Applestock from that anonymous counterpart on the NYSE.
It is ridiculous, and ended up being nothing but a waste of money for the govt. But I feel I should mention that bitcoin.de is a marketplace where you pick whatever order from the books, and you do a direct trade with that person. Bank account to bank account, crypto wallet to crypto wallet. And the issue was that the counterparty used a hacked bank account to buy crypto, so the actual owner complained and our super clever repression agencies immediately drew the conclusion: the receiver of the stolen money must be the bad guy! Understandable... if you have no clues about the matter you're dealing with.
Issues like that theoretically can't arise on a normal CEX, because you're not directly trading with individual persons. Well, the money comes from persons, but in that case, the exchange is your counterparty, esp. when you withdraw fiat bs money to your bank account.
But I've tried to upload a picture of DOGE once for KYC, didn't work unfortunately.
The system noticed that there is a discrepancy between the name "1miau" and the profile picture of a dog!
This thread's introduction is indeed valuable and I have only gone through KYC once, which was during my earliest days as a Bitcoiner and the only safe way for me personally to get Bitcoin. I am still ok with it, but I would never go through another KYC process on another exchange again. Data theft happened/happens nonstop, but the risk one had to take was that an exchange pulls the KYC card when you wanted to trade a coin or token that was only listed on a specific exchange back then. And that was quite common in the early days because exchanges were also popping up like tokens do today. Cryptopia, Bittrex, Cryptsy, Poloniex, HitBTC, Mintpal (god damn it, Mintpal
that's a story...), I have never ever provided any documentation there and I can only recommend to never do that. I know the early days of all those exchanges, how they started and how they were operated and I can tell you if you knew, you would certainly not consider sending your documents there. Poloniex was a pump and dump, bot manipulated shit place, but it was hot for some time. The Poloniex guys listed every shitcoin and managed to attract tons of volumes, which was the key to their success as you could trade everything with decent liquidity even if it was manipulated by bots (or because of that partially). These guys were then even approached by Circle, a company backed big time by Goldman Sachs, and they sold that shitcoin hole for $400 million after operating it for just four years in the most amateurish way possible. The hack wasn't the only issue.
Now I knew how that thing was operated and I was really shocked about the amount of money they got for the exchange. Shortly after, Circle wanted to turn it from a shitcoin hole into the serious go-to-place by introducing the magic KYC-forumla!
What happened? Traders jumped ship like crazy. This is the outcome. I guess this shows that most people had a relatively good understanding about the KYC risks and I am not talking about those who avoided KYC for criminal reasons. Poloniex was such a mess after all that really nobody wanted his personal documents being attached to some messed up databases.
I read the post from allyouracid (German) and seriously, if it can happen on Bitcoin.de that you get accused of trading with someone who is involved in shady activities, holy Christ, how should I haver ever known with whom I traded on Poloniex? How can I even tell when I just use a buy/sell trading interface? That's ridiculous. It would be the same if you buy Applestock and it turns out one of the people who sold you Applestock is a drug dealer and the police knocks on your door because you, as a KYCed customer, bought Applestock from that anonymous counterpart on the NYSE.
And here is one thing that 1miau is trying to get across: KYC is worthless because it doesn't even protect you on an officially registered, fully audited and authority controlled German exchange from being accused of engaging in illegal trading activities because another KYCed, shady party did a trade with you. What the heck is that? Really, this is beyond me because that is the maximum you can do. Go to a fully licensed, registered, legally acknowledged exchange with obligatory, extensive KYC and trade there. And still you get into unexpected trouble. That's a bad joke.
Looks like KYC is working great on Gate.io. A user registered as "Kim Jong-Un" and the e-mail "notlazarus" and got verified within minutes (Lazarus is a hacking group, run by the government of North Korea).
At least, Kim Jong-Un got exposed now for using shitcoins (probably) and storing his shitcoins on a centralized exchange. While I didn't expect much from shitcoins shithouses, it seems KYC 1 level on Gate.io can be faked by anyone:
https://www.gate.io/help/guide/security/23118/about-identity-verification-kyc-procedures-on-app
Just enter some random data, should do it already.
Even (if required) official documents can be faked by professional scammers.
And now, with AI entering the game, KYC will get even more unrealiable.
Most likely, all digital verfication can't be trusted as professional and experienced hackers will be able to fake it.
But I've tried to upload a picture of DOGE once for KYC, didn't work unfortunately.
Looks like KYC is working great on Gate.io. A user registered as "Kim Jong-Un" and the e-mail "notlazarus" and got verified within minutes (Lazarus is a hacking group, run by the government of North Korea).
Another example why KYC is useless and why it is dangerous to use your data on questionable exchanges.
He tried other names, like "Harmony Hacker" and got also verified within minutes.
Full Thread: https://twitter.com/zachxbt/status/1655929037770899457
Another example why KYC is useless and why it is dangerous to use your data on questionable exchanges.
He tried other names, like "Harmony Hacker" and got also verified within minutes.
Full Thread: https://twitter.com/zachxbt/status/1655929037770899457
I've adjusted and improved my list of translations into local languages below my text on the first page, so it might be easier for you to read it in your local language, if it's available.
Probably, I've still missed some languages in my list, searching content on Bitcointalk is very difficult due to Bitcointalk's outdated layout.
In case you know about local translations missing in my list, plz let me know and I'll add it.
Probably, I've still missed some languages in my list, searching content on Bitcointalk is very difficult due to Bitcointalk's outdated layout.
In case you know about local translations missing in my list, plz let me know and I'll add it.
Today I bumped my polish translation of this thread. I decided to do the same with oryginal thread because there are two good reason for that. One is obvious - very important thing is very well explained here.
Second one is that 4 days ago, February 2 we had 9th anniversary commemorates the moment when Beyonce's lawyer won a court case for removing this photo from the Internet:
As you can see, it didn't worked
I wanted to use this event to remind an important thing. Remember ... once your sensitive data falls into the wrong hands on the internet ... it will always be floating around the darknet in the ever-growing and resold hacker databases used by scamers.
Second one is that 4 days ago, February 2 we had 9th anniversary commemorates the moment when Beyonce's lawyer won a court case for removing this photo from the Internet:
As you can see, it didn't worked
I wanted to use this event to remind an important thing. Remember ... once your sensitive data falls into the wrong hands on the internet ... it will always be floating around the darknet in the ever-growing and resold hacker databases used by scamers.
I really hate when you register in a wallet or any project that requires KYC then they let you deposit money without KYC, but they tell you it's a must to complete KYC for withdrawing! That's like scamming I guess. Sometimes they may restrict some countries from their services but they will not tell you until you deposit your money, they do that because they know you will never complete KYC to withdraw your money.
Jump to: