
zkKYC - Compliance Suite

Skip to the technical integration -> zkKYC - Compliance Suite


zkMe supports the verification of various user Credentials, each of which can be individually added and configured to the whitelisting program required by the service provider.

Available zkKYC Credentials

| Levels | Credentials | Description |
|--------|-------------|-------------|
| Tier 1 | 1. PoP - Personhood | Liveness check, Uniqueness check |
| Tier 2 | 1. zkPoC - Citizenship; 2. Off-Chain AML; 3. On-Chain AML; 4. KYT check | ID document verification, Liveness check, Age of Majority, PEP/Sanction lists, Adverse media |
| Tier 3 | 1. zkPoL - Location; 2. Accredited Investor Checks | Geographic location verification, Past two years income verification |

Tier 1

At Tier 1 of zkMe's verification process, users are required to provide:

  • Proof-of-Personhood: This ensures the user is a real individual.

  • Liveness check: This verifies the user is a living person and not a bot or using a fake identity.

  • Uniqueness check: This ensures that the user is not already registered in the system, preventing duplicate accounts.

Fully homomorphic encryption is implemented here to protect users' faceprint privacy. For more details, see CKKS Homomorphic Encryption.

Tier 2

Tier 2 includes all the requirements of Tier 1, plus:

  • Proof-of-Citizenship: Verification of the user's legal status in a given country.

  • Anti-Money Laundering (AML) profile check: These checks are designed to prevent financial crimes.

  • Transaction Monitoring (KYT) profile check: Analysis of user's transaction behavior for any suspicious patterns.

  • ID document verification: Requires users to provide a valid ID as proof of their identity.

  • Adulthood check: Verification that the user is of legal age in their jurisdiction.

  • PEP (Politically Exposed Persons) / Sanction Lists: Checks to see if the user is on any international sanction lists or is classified as a PEP.

  • Adverse Media: Screening of global media sources to identify any negative news about the user.

Private Set Intersection and zero knowledge proofs are implemented here to protect users' demographic data privacy.

Tier 3

Tier 3 includes all the requirements of Tier 2, plus:

  • Proof-of-Location: Checking the user's current geographic location through GPS.

  • Accredited Investor Verification: Verification that the user meets the criteria to be classified as an accredited investor, typically requiring certain income levels or net worth (on-chain).

The add-ons supplement each level of verification by requiring additional data or conducting extra checks. The specific requirements and levels of verification can differ based on the add-ons chosen and zkMe's policies, which are designed to comply with relevant laws and regulations. Users should refer to zkMe's specific KYC policy for exact details.

Issues with Traditional Third-party eKYC Solutions

  • Privacy Issues: Integrating a third-party KYC solution means sharing users' personal information with a third-party, which could lead to privacy breaches.

  • Data Ownership Issues: In a third-party KYC solution, users' source files might be owned and controlled by the third-party, which goes against the principle of user data ownership in web3.

  • Decentralization Issues: If a decentralized application integrates third-party KYC, the application becomes centralized, contradicting the decentralization principle of web3.

Success Criteria for Onchain Compliance

The core values of web3 are decentralization and data autonomy. These make traditional KYC processes challenging to implement, because such processes often require the collection and storage of personal data, which goes against those principles. However, ZKPs-based KYC offers a solution to this challenge, providing a way to verify users' identities while still maintaining data autonomy and decentralization.

Here are some of the key business requirements for implementing ZKPs-based KYC in the web3 ecosystem:

  • Privacy: With ZKPs-based KYC, businesses can verify users' identities without requiring them to disclose their personal information. This can help to protect users' privacy, as their data is not stored on a centralized server or shared with third parties.

  • Regulatory Compliance: Many businesses operating in the web3 ecosystem are subject to regulatory requirements, such as anti-money laundering (AML) and know-your-customer (KYC) regulations, including identity recovery capabilities for at least five years after the completion of a service relationship if there is reasonable suspicion and regulatory intervention, and compliance with the travel rule regarding KYC data among financial institutions. ZKPs-based KYC can help businesses comply with these regulations while still maintaining the decentralized and autonomous nature of the web3 ecosystem.

  • Security: By implementing ZKPs-based KYC, businesses can enhance security and reduce the risk of fraud, identity theft, and other malicious activities. The use of ZKPs allows for secure identity verification without the need for centralized identity repositories, which can be a target for attackers.

  • Efficiency: Traditional KYC processes can be time-consuming and expensive, which can create a barrier to entry for some businesses. ZKPs-based KYC can improve efficiency by reducing the time and cost associated with verifying user identities.

  • User Experience: With ZKPs-based KYC, users can enjoy a more seamless and user-friendly experience when accessing web3 applications and services. The process of identity verification is simplified, reducing the friction that can sometimes exist with traditional KYC processes.

Restructured KYC Process with zkKYC

zkMe zkKYC enables users to prove their identity to a service provider without revealing their personal information, improving privacy and security over existing eKYC solutions. The process can also help service providers comply with regulatory requirements for KYC while reducing the risk of data breaches, identity theft and verification costs in general. The restructured process of zkKYC involves the following steps:

Credential Verification: The Holder submits their identity documentation digitally to the zkKYC Issuer for verification. This step involves the traditional process of providing personal information and documents, such as a passport or driver's license. The Holder's identity documentation and likeness are verified through OCR and Facial Recognition checks. The zkKYC Issuer algorithm is able to parse the machine-readable identity documents in a structured way, with no need for any human interaction or third-party processing.

Screening & Risk Assessment: The Holder Identity is screened against lists of known criminals, terrorists, or politically exposed persons (PEPs), transaction history and other relevant information to identify potential risks. This check is processed in real time, and no personal data is stored at any time. On the basis of the check, the zkKYC Issuer generates a risk profile for the Holder Identity and actively scrubs all private user data from memory.

ZKP Generation: Once the zkKYC Issuer has verified the Holder's identity, it issues anonymous VP claims (in the form of SBT and ZKPs) for each of the preselected eligibility questions. ZKPs provide a mechanism to express traditional credentials digitally in a way that is cryptographically secure, privacy-respecting, and machine-verifiable. SBTs are stored on-chain and ZKPs are stored in decentralized storage.

SBT Mint: An encrypted data object is minted to the Holder's SSI wallet. It contains their DID and the respective ZKP pointers required to repeatedly prove the Holder's eligibility to Verifiers.

Proof Verification: When a Holder wants to access a service that requires KYC, they receive a request to allow for verification of proofs from the Verifier. Once authorized, the Verifier checks the Holder's ZKP against their internal eligibility criteria, such as age or residency. If the proof is valid and the ZKP answers fulfill the service requirements, the user is granted access to the service.

Proof Revocation: ZKP VP claims have a natural expiration. If the user's verifiable credential is compromised or revoked, the identity issuer can update or revoke the credential, preventing its use for future authentication and verification.

Ongoing Monitoring: Verifiers may process continuous on-chain transaction monitoring to ensure compliance with relevant regulations and to detect any suspicious activity that may indicate fraudulent behavior. Additionally, every time a ZKP is reissued upon expiration or revocation, screening and risk assessment procedures are repeated.

(Data Recovery): Only in the event that the regulator initiates formal bad-actor proceedings against a Holder can the original identity data be recovered. Upon substantial suspicion, the Regulator, Credential Issuer and Verifier combine their key shards, creating the private key required to unlock the original identity document proof stored in threshold encrypted decentralized storage.
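
The shard-combining step in Data Recovery, sketched as an added example (not zkMe's code). The page does not name the threshold scheme, so Shamir secret sharing is an assumption here, as are the function names, the SHA-256 key commitment and the constructed sample key; only the three party roles come from the page.

```python
import hashlib
import secrets

# Assumption: Shamir secret sharing over a prime field stands in for the
# threshold scheme, which the page does not specify.
PRIME = 2**521 - 1  # Mersenne prime, comfortably larger than a 256-bit key
PARTIES = ("Regulator", "Credential Issuer", "Verifier")  # roles from the page


def split_key(key: bytes, threshold: int = 3) -> dict:
    """Give each party one shard; `threshold` shards are needed to recover."""
    secret = int.from_bytes(key, "big")
    # Random polynomial of degree threshold-1 with the key as constant term.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    shards = {}
    for x, party in enumerate(PARTIES, start=1):
        y = sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME
        shards[party] = (x, y)
    return shards


def combine_shards(shards: list, key_len: int = 32) -> bytes:
    """Lagrange-interpolate the polynomial at x = 0 from the given shards."""
    secret = 0
    for j, (xj, yj) in enumerate(shards):
        num, den = 1, 1
        for m, (xm, _) in enumerate(shards):
            if m != j:
                num = num * (-xm) % PRIME
                den = den * (xj - xm) % PRIME
        secret = (secret + yj * num * pow(den, -1, PRIME)) % PRIME
    return secret.to_bytes(66, "big")[-key_len:]


def recover_key(shards: list, commitment: bytes):
    """Return the key only if it matches the published hash commitment."""
    key = combine_shards(shards)
    return key if hashlib.sha256(key).digest() == commitment else None


if __name__ == "__main__":
    key = secrets.token_bytes(32)              # constructed sample key
    commitment = hashlib.sha256(key).digest()  # hypothetical integrity check
    shards = split_key(key)
    print(recover_key(list(shards.values()), commitment) == key)  # all three
    print(recover_key([shards["Regulator"], shards["Verifier"]], commitment))
```

With any one party withholding its shard, interpolation yields an unrelated value and the commitment check rejects it, which is the property the Data Recovery step relies on.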

zkMe's zkKYC Design Philosophy

  • Personal Data Protection: In a zero-knowledge proof (ZKP) system, users can verify certain attributes about themselves without revealing raw data. This approach protects user privacy, and users have full control over their own data. This aligns perfectly with the web3 philosophy of decentralization and user sovereignty.

  • Regulatory Compliance: In situations where KYC/AML checks are necessary, zero-knowledge proofs can provide a solution that balances regulatory compliance with privacy. Users can prove they meet KYC/AML requirements without revealing personal information to service providers.

  • Data Recoverability: Since users control their own data in a zero-knowledge system, they can recover and migrate it if issues arise with the system or service provider.

Crypto Regulations

The regulatory framework for KYC/AML compliance in web3 is still developing. Some countries have started to implement regulations specific to web3 technologies, while others have issued guidance or are in the process of developing regulations.

EU

The European Commission has passed regulations (MiCA, TFR and AMLD7) requiring all Virtual Asset Service Providers (VASPs) to undergo customer due diligence and comply with Financial Action Task Force (FATF) requirements.

USA

In the United States, the Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) have issued guidance and proposed bills related to digital assets and web3 technologies.

Other countries and regions, such as Switzerland, the United Kingdom, Hong Kong, Singapore, and Japan, have implemented or are planning to implement regulations specific to web3.

For details, see: EU - MiCA/TFR Regulations, US - Crypto Regulations, UK - Crypto Regulations.

Tier 1 Liveness check and Uniqueness check: for more details, see MeID - Anti-Sybil Suite.

Figure: zkMe's zkKYC high level sequence diagram

Last updated 12 days ago