[refulgentis]

KYC stands for Know Your Customer, and is a core regulation in banking. So we can pivot off that and work through what a bank does to verify your identity.

I signed up for a Mercury bank account a few months back for my Delaware corporation without talking to anyone, so I'll use that as a template.

I can't remember the exact steps, but tl;dr submit a passport photo / driver's license photo and a photo I take in the app itself. If it was a not-US passport, then they'd dig into a full verification, not just a quick manual check of "is that face the same as the passport/license, is the passport/license ID # valid, and are the photos edited"

[AnthonyMouse]

You seem to be conceding the point that they would be forced to invade the privacy of their US customers in addition to just foreign ones.

[refulgentis]

True, I guess I wouldn't call it invading privacy, that's sounds a bit overwrought to me. Then banks invade my privacy, the DMV invades my privacy, etc. There's always tradeoffs, I respect people's concern about them, and I wish there was a gentler to say it.

[AnthonyMouse]

> Then banks invade my privacy, the DMV invades my privacy, etc.

That is a reasonable and factually accurate statement.

> There's always tradeoffs, I respect people's concern about them, and I wish there was a gentler to say it.

The tradeoff here is astonishingly bad. Studies have shown that AML/KYC have an effectiveness of less than a fraction of one percent. They continue to proliferate because their largest costs fall on the users rather than the companies, so they're the thing that large corporations suggest as a "solution" when they're being pressured to do something. Because people have the perception that it will do some good, even though that perception is inaccurate.

In reality what they do is provide a means to satisfy "something must be done" in a way that dumps the costs on marginalized users instead of politicians and corporations.

[refulgentis]

I had to look up what "effective" means in this context, found a couple crypto blogs using it as a talking point citing a 2011 UN study, the study says less than <1% of money laundering proceeds are confiscated worldwide, nothing about the laws. Money laundering is defined as an estimate of any money from illegal activity, including tax evasion.

[AnthonyMouse]

There have been more than one study and some of them more recent, e.g.:

https://www.tandfonline.com/doi/full/10.1080/25741292.2020.1...

AML laws are completely ineffective. People can write long papers about why, but the underlying reason is simple. Money is fungible.

If Alice is selling heroin to Bob and the government knows this, they don't need AML laws to arrest them. If they don't know this, even if all of the financial records were 100% transparent and tied to the name on their birth certificates, they still wouldn't know this, because Alice and Bob would just claim the payment is for software licensing or personal grooming services or whatever they want to make up, and neither the bank nor the government has any way to know otherwise until they independently prove the underlying crime. Worse, Alice and Bob don't even have to pay each other. Bob can just buy whatever Alice asks him to with his money and then give that to Alice in exchange for the contraband. Then there is no financial transaction linking them at all.

The entire concept of it simply doesn't work. It's all cost and no benefit.

[webspinner]

Yeah like me. I will not be able to use the internet anymore, litterally.

[monksy]

> a photo I take in the app itself

So what else did they pull off your phone? Location data, personal photos, personal files, wifi connections near by, microphone data, ongoing location data?

[webspinner]

Exactly, they just want more mass surveillance.

[refulgentis]

None of those, just asked for the photo

[monksy]

You said it was their app correctly?

Have you validated that they didn't take the other bits off your phone?

[refulgentis]

Every modern smartphone has permissions on that stuff for years now. I don't self-peasantize with "but what if..."