Bitcoin exchange Binance has announced changes on its account verification policies, implementing mandatory, hardened know-your-customer (KYC) procedures for all users. Effective immediately, all new users will be required to provide additional personably identifiable information (PII) to access Binance services such as deposits, trades, and withdrawals. Existing users will lose access to most services except withdrawal until they provide the necessary PII.
The new requirements entail that, from now on, all Binance users be required to endure a more extensive identity verification process, called "Intermediate Verification," on the platform. The starter verification status, "Basic Verification," which required a user's full name, nationality, date of birth, and home address, has gone defunct. Now, to trade BTC or other cryptocurrencies on Binance, users have to go beyond the basic verification and upload photos of a government-issued identification card and a selfie, as well as undergo live face verification. All data will be sent to the exchange's servers and staff, who will personally review and either approve or deny it.
"Binance is announcing these measures to help support its efforts in Know Your Customer (KYC) and Anti-Money Laundering (AML)," the statement said, citing "enhanced user protection" and the need to "combat financial crime" as motives underlying the changes.
Even though some of the alleged reasons behind KYC seem legit – to prevent criminal financial activity and terrorism – the long-term effectiveness and downstream consequences of these tactics are rarely discussed. Instead, proponents of offensive tactics worldwide hold KYC/AML as the holy grail to combat crimes, even though it often doesn't deliver and end up increasing the attack surface for every single individual.
Moreover, it is reasonable to believe that criminals can adapt to and circumvent KYC procedures entirely in the short term. As processes adapt to encompass more use cases and more illicit activities, so do bad actors, turning it into a cat-and-mouse game of much-reduced effectiveness. But more importantly, in the long run, extensive KYC ends up providing supercharged surveillance powers to future government leaders who may use that power and information as they wish – without user consent. Additionally, centralized data centers often get hacked, compromising user data and further increasing attack vectors.
Mainstream narratives don't allow the downsides of KYC to be discussed, leaving an open floor to any regulation that could supposedly benefit society at large at the expense of individual rights. However, that often fails to be achieved and can harm the individual and their commonly neglected right to privacy. In a regulatory environment that is hardly ever openly discussed, those who value individual human rights are seen as "the screeching voice of the minority." And as the individual gets obliged to pay ever more expensive personal costs to the alleged welfare of the whole, both the person and the people lose.