Pioneered by Vinny Lingham, Civic highlights both the need for better security where personal data is concerned, and a more efficient approach to dealing with AML (Anti Money-Laundering) legislation. By harnessing the power of the Bitcoin blockchain, Civic has the potential to streamline the arduous process of identity verification, all whilst making sure personal data is kept safe.
Cybercrime & identity theft
In today’s heavily data-driven world, it comes as no surprise that cybercrime is on the rise, poised to become a $2 trillion dollar industry by 2019. As the Civic white paper points out, there is a booming market for personal information on the darknet, with compromised data being sold in bulk for pennies. No matter how vigilant one may be in attempting to protect themselves online, the reality of the situation is that vulnerability exists not only on the user’s end, but in the storage of such information by whoever it is shared with − utilities companies, banks and medical services are prime examples.
If recent headlines are anything to go by, these entities are far from the impenetrable fortresses one would expect their data to be held in. These are not just the shady overseas businesses you’re ordering prescription Viagra from, either − governmental institutions and tech titans have also been compromised.
Clearly, the conversation needs to be had on information security. The law has begun to adapt to reflect a stance that penalizes companies for poor handling of client data, as evidenced in cases such as FTC v Wyndham Worldwide Corp. in the United States, or the renewed understanding of an individuals’ right to privacy (as enshrined in the ECHR’s Article 8) by the implementation of the General Data Protection Regulation in EU countries.
Civic may be an ideal system for companies in these jurisdictions to adopt. Its use of hashing algorithms to encrypt client information could vastly reduce the ease with which a malicious interceptor could gain access to such a sensitive payload. The data itself is stored locally on the user’s phone, to avoid the possibility of large-scale data breaches on a server returning every user’s information.
Solution to regulatory compliance
A security overhaul is not all the Civic ecosystem has to offer − as briefly mentioned above, it also claims to offer a solution to the KYC/AML debacle. If you’ve ever purchased Bitcoin (or, for that matter, given up due to the grueling process of doing so), you’ll be all-too-familiar with the rigorous identity verification that exchanges are required to carry out.
Many point out that this seriously impedes the decentralization aspect that the original white paper conceived. Unfortunately, ‘Know Your Customer’ compliance is not a scheme concocted to make customers’ lives’ miserable. Rather, it’s a necessary step in safeguarding companies from the heavy sanctions imposed by anti-money laundering legislation, which has become increasingly demanding in attempts to hamper the laundering of funds acquired from criminal enterprises.
One would think that there would be a more efficient way of ‘transferring’ one companies’ KYC vetting to another, which would save both time and money for all parties involved. This is precisely where Civic intends to reshape the industry: in the Civic ecosystem, if one company, the ‘validator’, validates a user’s data, another company wishing to verify said user may request an attestation from the initial company, paying for this in Civic’s native currency, CVC. Ideally, the cost of doing so would be fractional compared to the current cost of vetting a potential customer in line with AML guidelines.
The tokens paid are locked into escrow, and can be released by the user, provided they are satisfied with the exchange taking place. Smart contract functionality, whilst not native to Bitcoin’s blockchain, is achieved through the integration of Rootstock, and allows for Civic’s operation on the Bitcoin network. When released, the CVC is distributed to both the user and the attesting company, further incentivizing activity across the network.
Civic intends for its tokens to be used as a currency akin to gas on the Ethereum network, as a tailored method of payment for services in the identity industry. The paper outlines such services as trawling darknet markets for leaks pertaining to the user’s data, background checks, and notary services, as well as any that may be added by Civic’s partners as the system grows.
It may be too soon to assess whether the system has any merit. On paper, the idea that Civic posits is sound, having identified some pressing issues within the identity verification domain − namely, the impact of AML laws and the need for better protection of personal information − and has detailed an effective remedy to these. The company, unlike many ICOs, has a track record in the industry it hopes to improve, and may very well revolutionize the process of ID verification. WordPress integration is promised within the month, and if more companies follow suit, Civic may very well usher in a new standard for the handling of personal data in the digital era.