The converse of KYC and AML is identity management.
If we had effective identity management where everyone could
be identified as a unique person with certainty and securely, we would not have
the issue of AML and KYC given to the banking system.
The issue with identity is that no-one wants to own the
Governments give us passports and driving licences; banks
give us accounts based upon these identifiers PLUS utility bills; and these are
the two key identifiers in our lives.
But they are not sufficient, as both can be easily
Passports can be copied and bank accounts can be hacked.
It’s not as easy as it used to be – it used to be just a clever
forger who could copy your identifiers, but chips and biometrics are changing
the passport game – but it is still relatively simple to compromise identities,
particularly when people are so loose with their information online.
For example, there are many people who were early adopters
They friended everyone and felt the more friends they had,
the more important they were.
They post all their personal information online – their
location, relationships, email addresses, birth date and more.
This information can be made private – look at Facebook’s
latest privacy settings.
It used to be that you could only set privacy at the overall
account level to visible or invisible.
Then it became privacy at all levels, and delineated into
friends, friends of friends or everyone.
Even so, it still does not mean that users have
retrospectively gone back and changed their privacy settings.
Nor does it mean that Facebook’s evolution has not already compromised
some people’s privacy, including Mark Zuckerberg’s:
Neverthelesss, it’s pretty worrying when such a leaky
service that compromises people’s identity secrets is now being touted as the
next identity management system.
This is not the way things should be, but it is the way
things might be and could be.
We have multiple identities and identity owners – governments
and financial institutions – which should be working together, but don’t work together effectively
to manage them.
Sometimes we think that the solution would be to have a
single identity management system all governments and
The only trouble with that is that it might get compromised
and then what would you do.
If you have multiple identities and one gets compromised, you
can change it and move on whilst using your other identities.
If you only ever had one and that was compromised, then you
have an issue as you cannot recreate your single identity so simply.
Or so I’m told, although I don’t accept that assertion.
There should be a way to create a simple identity system,
and yet I’ve now seen so many companies created in the technology space to
offer identity management with none of them succeeding, that maybe this will
Whilst this is the case, the latest of the firm’s to tackle
this issue – miicard – have made a lovely little video to illustrate the issue.