Kai Sedgwick: KYC Requirements Are Making ICOs Riskier, Not Safersentinel n-featured kyc icos ico hackers hack data-leak crowdfunding bee-token bank-account bank aml
Once upon a time initial coin offerings were open to everyone. That time was last year, and since then gaining entry to ICOs has become increasingly difficult. In response to regulatory attention from the SEC, crypto startups have begun to perform due diligence on aspiring investors. Thanks to onerous KYC requirements, the pendulum has swung the other way, presenting hackers with an additional prize – the data of tens of thousands of investors.
KYC Requirements Are an Accident Waiting to Happen
Last year, the U.S. Securities and Exchange Commission went after a number of ICOs for failing to perform due diligence to ensure their investors didn’t hail from the U.S. Spurred partially by a desire to avoid censure or shutdown from the SEC, ICOs have taken things to the opposite extreme, using Know Your Customer procedures to weed out investors from the U.S., China, and a handful of other countries. To date, all of 2018’s major crowdsales have required some sort of KYC in order to gain admittance to their whitelist, with many outsourcing the task to third parties that specialize in such matters.
To merely be considered for a token sale, it is now commonplace for an individual to have to submit a passport scan, bank statement, and various other documents and to answer a string of questions about their background and the origin of their cryptocurrency. Legolas, for example, requested that investors “Provide as much detail as possible about the origin of the BTC”. Being whitelisted for a token sale is no guarantee of participation either. Oversubscribed ICOs such as Arcblock returned ether to hundreds of participants who had failed to contribute in time or who were deemed to have “cheated” by using over the prescribed gas limit. Twitter traders now encourage investors to submit KYC to as many promising ICOs as possible, just in case they later decide to participate.
A Data Leak In the Making
With ICOs now holding the passports and other identification documents of thousands of crypto investors together with their emails and wallet addresses, hackers have an added incentive to target crowdsales. Even if they’re unsuccessful in altering the contribution address, the raw data of tens of thousands of crypto holders is a honeypot of significant value in its own right. Some of that honey was stolen from The Bee Token, whose email database was accessed and used to send out phishing emails which raised over $1 million.
This week, Sentinel ICO had an even bigger fail after the passport data of its users was leaked. In a Medium post, the startup confessed that a website vulnerability had allowed uploaded files to be accessed by another user. To compound the problem, the user who discovered the flaw then claimed to have been reported to the police by Sentinel for their actions, despite having done nothing wrong.
KYC: Good for ICOs, Bad for Investors
It is hard to put a figure on the success rate for ICO whitelist applicants, though it’s likely to stand at less than 50%. At least half of the time, in other words, participants are submitting personally identifiable documents in exchange for nothing, be it due to whitelist oversubscription or network congestion that prevents them from contributing ether in time. The likelihood of that data being leaked is low, but cumulatively, over the course of dozens of KYC applications, those odds start to mount up. It only takes one failure to expose an individual’s data once and for all time. Email and wallet addresses can be changed; passports and driving licenses are permanent.
Gaining approval to participate in pre and public sales is now viewed by many ardent ICO participants as a game. The price for admission is the time it takes to complete the KYC registration process and the chance that none of the countless ICOs they apply to will suffer a catastrophic data breach. As if investing in ICOS wasn’t risky enough, KYC requirements have ironically made crowdsales even more hazardous.
Do you think KYC requirements for ICOs are excessive or necessary? Let us know in the comments section below.
Images courtesy of Shutterstock.
Keep track of the bitcoin exchange rate in real-time.
The post KYC Requirements Are Making ICOs Riskier, Not Safer appeared first on Bitcoin News.
Original article was created by: Kai Sedgwick at news.bitcoin.comDisclaimer: This article should not be taken as, and is not intended to provide, investment advice. Please conduct your own thorough research before investing in any cryptocurrency or ICO.
One more thing you may be interested in:
Interested in Cryptocurrencies and ICO's?
Follow our telegram channel for daily cryptomarket reports!Join @cointrends
|1 hour ago||n-featured|
|4 hours ago||n-featured|
|3 hours ago||ico|
|4 hours ago||ico|
|5 hours ago||crowdfunding|
|2 days ago||crowdfunding|
|7 hours ago||kyc|
|5 days ago||kyc|
|1 day ago||icos|
|3 days ago||icos|
|3 days ago||hack|
|3 days ago||hack|
|3 days ago||hackers|
|1 month ago||hackers|
|6 days ago||aml|
|2 weeks ago||aml|
|1 week ago||bank|
|1 week ago||bank|
|2 months ago||bank-account|
|2 months ago||bank-account|
|3 months ago||bee-token|
|5 months ago||data-leak|
Stay on top of Altcoins and ICO trends.
Subscribe to our free Weekly Cryptomarket report
Delivered once a week, strongly to your inbox.Subscribe to our mailing list
May 22, 2018
The following opinion piece on Bitcoin Cash was written by Jonald Fyookball We’ve already discussed 3 reasons why the bitcoin project was subverted: lack of education, lack of clarity, and centralized development. Today I will proffer two more: censorship and propaganda were allowed to run...From: OP-ED
A new crypto teller machine is now operational in South Africa’s largest city, Johannesburg. The ATM, which supports several digital coins, has been installed at a supermarket in the north-western part of the city’s metro area. It is the latest addition to a growing number of terminals...From: Lubomir Tassev
Before all the Lambo memes, shady no-product ICOs, and get-rich-quick schemes invaded the scene, Bitcoin was meant to disrupt the current economic system. Today’s edition of Bitcoin in Brief showcases how that promise is starting to materialize in different fields, including the future of...From: Avi Mizrahi
ICO Round-Up: Nearly 1 in 5 Offerings Accused of Fraud, Bermuda Passes Regulations, Thai SEC Holds Hearing
A recent “analysis of 1,450 cryptocurrency offerings” published by the Wall Street Journal has claimed to have revealed “rampant plagiarism, identity theft, and promises of improbable returns.” In other ICO news, Bermuda’s parliament has passed regulations that will legitimize...From: Samuel Haig
This is a paid press release, which contains forward looking statements, and should be treated as advertising or promotional material. Bitcoin.com does not endorse nor support this product/service. Bitcoin.com is not responsible for or liable for any content, accuracy or quality within the press...From: Bitcoin.com PR
On Monday the blockchain research and development firm, Nchain, announced the acquisition of a majority stake in the Bitcoin Cash-centric startup Handcash. The Handcash platform allows users to send BCH in a contactless manner using near field communication (NFC) technology. Also read: BCH...From: Jamie Redman