Verifiable Private Identity: The One Thing Needed For Regulated Digital Assets to Scale
A Verifiable Private Identity (VPI) is comprised of self-sovereign data (stored and accessed via an identity oracle) and privacy-preserving ‘identity assets’ such as Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs).
TL;DR
- Regulated digital assets, like stablecoins and tokenized real-world assets (RWAs), have recently experienced a boom in interest, but have yet to scale.
- The growth of the regulated digital asset industry is dependent on a verifiable identity solution that will satisfy regulatory compliance, interoperability, and ecosystem trust.
- A Verifiable Private Identity (VPI) is comprised of self-sovereign data (stored and accessed via an identity oracle) and privacy-preserving ‘identity assets’ such as Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). Every user can own and control how their identity is expressed across different platforms, while their information and data remain private but verifiable through cryptographic proofs.
- By creating a universal golden record of a verified individual that is accessible via an identity oracle, users can reuse their VPI across multiple ecosystems, enterprises can satisfy compliance and security requirements, and regulators can trust digital identities for fighting fraud.
Over the past few years, we have witnessed growing interest and adoption of regulated digital assets, from cryptocurrencies, to tokenized real-world assets (RWAs), central bank digital currencies (CBDCs), and stablecoins. Governments, enterprises, and investors have all been paying attention to how regulated digital assets might disrupt legacy financial systems.
What Assets Can Be Tokenized by kaleido
And rightfully so. Digital currency, made possible by advancements in blockchain technology and cryptography, has the potential to power entirely new industries and economies. Cross-border payments and remittances could take seconds and cost cents, rather than days and dollars; companies could raise funds through a security token offering (STO) instead of through a traditional IPO, opening them up to new pools of investors and capital; and decentralized finance (DeFi) platforms can make lending, borrowing, and trading more accessible to everyone.
While these blockchain-powered use cases have the unparalleled opportunity to uplevel our existing financial systems, additional innovation is needed before regulated digital assets can truly scale.
Interoperable, reusable, and trusted on-chain identities is one such innovation. The anonymity inherent on the blockchain has led to its reputation as a technology for money launderers, causing many regulators to shy away from embracing digital assets and Web3. Many of the compliance requirements created by global regulators, like the Travel Rule as enacted by the Financial Action Task Force (FATF), compete directly against the ethos of data privacy and decentralization held by the Web3 community.
At Terminal 3, we believe that Verifiable Private Identity can be the key to tackling these challenges without compromising users’ rights to privacy, security, and ownership of their data.
The challenge in scaling regulated digital asset ecosystems
Meeting strict and punitive regulatory requirements
Transactions on the blockchain are transparent and immutable, but also inherently anonymous— user identities stay hidden (except for their wallet addresses and DIDs), while their activities are public. While this enhances user privacy, regulatory requirements to conduct customer due diligence exist for good reason, and current digital asset infrastructure is unsuited to fulfill anti-money laundering (AML) or counter-financing of terrorism (CFT) obligations.
Travel Rule Illustration by Notabene
Regulators have sought to solve these problems with new rules, like the Crypto Travel Rule, which requires virtual asset service providers (VASPs) to pass customer data, including names and addresses, to a receiving VASP during transactions. Modeled after wire transfer requirements, this rule was created without regard to the information that is actually recorded in an on-chain transaction. Now, institutions that wish to engage with digital assets are saddled with the task of building or adopting new systems that are contradictory to the underlying design of blockchain for the sole purpose of satisfying the Travel Rule, while most of these new ‘solutions’ actually violate global user privacy and security laws.
Difficulty establishing trust
In a decentralized environment where parties transact without intermediaries, establishing trust between participants is another challenge that must be solved. Without a reliable way to verify identities, users may hesitate to engage in transactions, fearing fraud or dishonesty. Institutional investors especially will not engage with unvetted parties. In traditional finance for example, borrowers with better credit profiles can borrow undercollateralized or even uncollateralized loans. Currently, the lending of on-chain assets often requires overcollateralization because of the lack of trust creditors and borrowers have in the ecosystem due to a lack of KYC.
Poor user experience and interoperability
Most Web3 projects only require users to connect their wallets to access services. With regulated digital asset platforms, however, cumbersome and repetitive identity verification processes often deter users from creating new accounts and transacting. User identities are also fragmented between different blockchains and applications, and there are very few ways for users to carry their identity across protocols. A lack of standardized, interoperable identity solutions also makes it difficult to facilitate secure, compliant transactions across different digital asset ecosystems, leading to users repeating the same KYC process with every new platform, even though their online identity, qualifications, and credentials remain unchanged.
Limited institutional adoption
Many large institutional investors remain cautious about entering the digital asset space due to concerns over regulatory compliance, custody, and market maturity. Without trusted and verified identities that are interoperable across platforms, institutions will remain hesitant to engage. The lack of institutional participation limits the inflow of capital and liquidity that is necessary to scale both the size of the crypto markets and also the scale of users across Web3.
The benefits of Verifiable Private Identity for regulated digital assets
Introducing Verifiable Private Identity into regulated digital asset ecosystems can solve for all of the above challenges. Composed of Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs), VPIs empower all users to have a unique digital address for access to their secure identity credentials, while their underlying data and information remain private yet verifiable through cryptographic proofs.
How Verifiable Private Identity can meet regulatory requirements
Robust identity verification processes are essential for platforms to comply with KYC and AML regulations. By establishing the true identities of users through KYC, digital asset platforms can screen for potential illicit activities, sanctions violations, and other financial crimes just like traditional financial institutions. But unlike traditional KYC, VPI and privacy-preserving KYC solutions can provide a secure and auditable way to onboard and verify customers while their identity remains publicly anonymous, bridging the legal requirements of compliance with the privacy expectations of Web3.
VPIs can provide a tamper-resistant audit trail of customer identities, transactions, and compliance-related information. In the event of regulatory audits or investigations, platforms can leverage Verifiable Credentials to demonstrate compliance, securely access identity data, and assist with official inquiries.
All the while, user data is stored across a decentralized network and can only be queried by enterprises via cryptography, removing concerns about compliance with data privacy and General Data Protection Regulations (GDPR).
How Verifiable Private Identity improves interoperability
A Verifiable Private Identity ensures that any associated identity assets (DIDs or VCs) can securely reference the same oracle record of a verified individual. This enables users to choose how to present themselves on different platforms while maintaining the same source of truth that can be trusted by institutions, which results in a truly interoperable and composable digital identity. Global standards for DIDs and VCs would further benefit the decentralized ecosystem, and help third parties more easily verify and accept individual identity claims. This is especially important when working with financial institutions that must comply with regulations like the Travel Rule.
When successfully implemented, Verifiable Private Identity, will greatly improve interoperability, trust, and overall digital experience for users and enterprises alike.
How Verifiable Private Identity reduces fraud
It is no secret that there are many anonymous bad actors using blockchain technology to commit financial crime. However, being able to verify a counterparty before making transactional decisions can greatly reduce the risks of fraud. Verifiable Private Identities will make it significantly more difficult for bad actors to operate because the ecosystem will begin to expect and demand genuine credentials even for decentralized transactions where identities can and should remain publicly anonymous. Terminal 3 believes that everybody has a right to privacy, which includes the right of ownership over your own information and selective disclosure. However, this right should not be interpreted as a free pass for bad behavior under the demand of anonymity. Implementing a VPI system within regulated digital asset markets is a way to make sure both institutional-grade privacy and public anonymity can be simultaneously achieved, reducing fraud while protecting users. Ultimately, lower credit and counterparty risks lead to lower rates of borrowing, will stimulate asset flows, and eventually promote greater adoption and growth of digital assets and decentralized systems around the world.
Conclusion
Digital assets, whether regulated or otherwise, have expansive potential to improve the global economy and increase equity. Yet, without verifiable identity assets that meet global compliance and security requirements, it will be difficult to convince regulators and institutions to fully accept digital assets and a decentralized economy that would otherwise empower and benefit people around the world. Conversely, traditional KYC and digital credentials fail to meet the privacy expectations of the Web3 community, and the inherent need for on-chain anonymity in a decentralized internet.
Therefore, Verifiable Private Identities are essential for overcoming both compliance and regulatory issues, as well as trust and anonymity concerns for a global digital asset economy. VPIs are a foundational building block for a more interoperable, secure, and equitable global financial system without compromising on user privacy and security.