Skip to main content

Bitcoin derivatives exchange Bybit will require stricter know your customer (KYC) procedures for individuals and corporations who wish to withdraw more than 2 BTC on a given day, including facial recognition screening.

“We have had KYC procedures on certain selected group of customers since last year,” a Bybit spokesperson reportedly said. “The new policy is to implement the procedures in a more systematic way, as part of our efforts to align our KYC procedures with the industry standard.”

Bybit’s new directives for individuals were recently posted on its website. The article details the three levels of KYC verification that users need to choose from. The first, “KYC 0,” does not require any verification but caps daily withdrawals to 2 BTC. Those who wish to take control of more bitcoin, up to 50 BTC, would have to move to “KYC 1,” which requires photos of a national identification document, full name, date of birth, and facial recognition screening. Lastly, users who wish to withdraw up to 100 BTC daily will also need to provide proof of residential address.

The bitcoin exchange also updated its requirements for corporate withdrawals. Company accounts only have two levels of KYC; KYC 0, which is the same as the individual account, and KYC 1, which allows up to 100 BTC to be withdrawn per day. The latter requires the company representative to provide many documents to share corporate information, and to prove the company’s legal condition. The requirements include a register of all members and directors, as well as a passport/ID and proof of residency of the ultimate beneficial owner (UBO) that owns more than 25% of the company.

KYC requirements, allegedly a way to prevent bad actors from leveraging bitcoin to commit financial crimes, have been increasingly spreading within the Bitcoin space. Besides its doubtful goals –– which are advertised as positive –– KYC procedures introduce a set of attack vectors and third-party vulnerabilities to the consumer, while being based on flawed assumptions that bitcoin is mainly used for criminal activities.

As Michele Korver recently shared in a Department of Justice journal, “ mainstream adoption of cryptocurrency has grown, the percentage of transactions used to promote or conceal crime has also decreased.”

Furthermore, companies asking for their customers’ private information do not necessarily have the technical infrastructure necessary to preserve the data’s integrity. More often than not, these companies get hacked and the data exposed. That leaves the customer with their hands tied, and they often become a target for a range of attacks, from sophisticated scams to more.

Additionally, companies can leverage KYC details to censor users and prevent them from accessing certain services. Users might have their financial sovereignty compromised, effectively experiencing the opposite of what Bitcoin is set to achieve –– a monetary network that does not discriminate, does not wield violence, and does not require a special status or level of wealth to use. And in the end, all that these stricter requirements might tangibly achieve is reducing Bybit’s liquidity and user base.