Hacker News new | ask | show | jobs
by josh2600 397 days ago
I can only assume that you don’t work in financial technology if you believe that KYC is a solved problem.

Proving authenticity in an increasingly diasporic society is difficult.

We should seek to either reduce or embrace entropy in the design of our systems. You either want systems which prove there are no Sybil attacks, or you manufacture halls of mirrors.

This is a continuous battle, there’s no panacea here, even the eye scan has threat vectors.

Calling KYC a solved problem is ludicrous.
2 comments
lokar 397 days ago
It depends what you mean by solved.

Banks tend not to over engineer things. KYC can be seen as a 3 sided trade off: cost of KYC infra/process/etc, lost revenue from denied business and fines from regulators.

They (the banks) don’t really care about the social goals of KYC, they just try to best optimize for expected value in the trade offs.

The regulators understand this, and are basically fine with it. They have their own trade offs they are balancing.

Both sides mostly find and equilibrium.

link
fc417fc802 397 days ago
Even considering the social goals there's no need for a 100% solution. We only need to stop most fraud and reduce the impact of the fraud that does happen to a sufficiently low level.

One of the more important goals isn't to directly stop fraud but instead to provide tools that give end users results that scale with the amount of effort invested. The level of risk should be a tradeoff that the end user is able to make.

Current solutions mostly allow for that but certainly have some rough edges.

link
davedx 397 days ago
I’ve been working on KYC recently, curious to hear what the problems with it are in your opinion?
link
Jommi 396 days ago
KYC and KYCd accounts are a high volume item on the grey / dark net

it appears to not really do much at all

link
GTP 396 days ago
I think thst the goal of KYC is to get information about the entity opening an account, to e.g. make sure it isn't used for money laundering. Whether this account gets stolen later is out of scope for KYC.
link
Jommi 394 days ago
right so its useless?
link
GTP 394 days ago
No, it's not: you still want to make it as hard as practically possible to criminals to launder money.
link
multjoy 397 days ago
Speaking as a fraud detective, it appears to be completely ineffective.
link
const_cast 397 days ago
Well yeah, you're only looking at the instances of fraud. You're not investigating fraud that never happened because it was prevented, that would be impossible.
link
ccorcos 397 days ago
Synthetic identities, probably
link