Designing a Framework for Digital KYC Processes Built on Blockchain-Based Self-Sovereign Identity

Know your customer (KYC) processes place a great burden on banks, because they are costly, inefficient, and inconvenient for customers. While blockchain technology is often mentioned as a potential solution, it is not clear how to use the technology’s advantages without violating data protection regulations and customer privacy. We demonstrate how blockchain-based self-sovereign identity (SSI) can solve the challenges of KYC. We follow a rigorous design science research approach to create a framework that utilizes SSI in the KYC process, deriving nascent design principles that theorize on blockchain’s role for SSI.

[1]  Jan Pries-Heje,et al.  FEDS: a Framework for Evaluation in Design Science Research , 2016, Eur. J. Inf. Syst..

[2]  Liudmila Zavolokina,et al.  Management, Governance, and Value Creation in a Blockchain Consortium , 2020, MIS Q. Executive.

[3]  Florian Glaser,et al.  Pervasive Decentralisation of Digital Infrastructures: A Framework for Blockchain enabled System and Use Case Analysis , 2017, HICSS.

[4]  Omri Ross,et al.  KYC Optimization Using Distributed Ledger Technology , 2017, WI 2017.

[5]  Neil Hughes,et al.  Digital identity: The foundation for trusted transactions in financial services , 2018 .

[6]  Jan Pries-Heje,et al.  A Comprehensive Framework for Evaluation in Design Science Research 1 , 2022 .

[7]  Fabien A. P. Petitcolas,et al.  A First Look at Identity Management Schemes on the Blockchain , 2018, IEEE Security & Privacy.

[8]  Jan Camenisch,et al.  An Efficient System for Non-transferable Anonymous Credentials with Optional Anonymity Revocation , 2001, IACR Cryptol. ePrint Arch..

[9]  Shirley Gregor,et al.  The Anatomy of a Design Theory , 2007, J. Assoc. Inf. Syst..

[10]  Robert Arasa,et al.  Determinants of Know Your Customer (KYC) Compliance among Commercial Banks in Kenya , 2015 .

[11]  Janice M. Morse,et al.  Strategies for Sampling , 1991 .

[12]  Pamela Hughes The 'need to know' principle of computer security , 1988, Comput. Law Secur. Rev..

[13]  Nils Urbach,et al.  Improving Interorganizational Information Sharing for Vendor Managed Inventory: Toward a Decentralized Information Hub Using Blockchain Technology , 2020, IEEE Transactions on Engineering Management.

[14]  E. Brink,et al.  Constructing grounded theory : A practical guide through qualitative analysis , 2006 .

[15]  Michael Kuperberg,et al.  Blockchain-Based Identity Management: A Survey From the Enterprise and Ecosystem Perspective , 2020, IEEE Transactions on Engineering Management.

[16]  Mark Billinghurst,et al.  Crossing the Chasm , 2001 .

[17]  N. Hoffart Basics of Qualitative Research: Techniques and Procedures for Developing Grounded Theory , 2000 .

[18]  James H. Moor,et al.  Towards a theory of privacy in the information age , 1997, CSOC.

[19]  Robert Christie,et al.  Setting a standard path forward for KYC , 2018 .

[20]  Fran Casino,et al.  A systematic literature review of blockchain-based applications: Current status, classification and open issues , 2019, Telematics Informatics.

[21]  Alex Biryukov,et al.  Privacy-preserving KYC on Ethereum , 2018 .

[22]  Douglas W. Arner,et al.  Digital ID and AML/CDD/KYC Utilities for Financial Inclusion, Integrity and Competition , 2018 .

[23]  Martin Johnson,et al.  Systematic methodological review: developing a framework for a qualitative semi-structured interview guide. , 2016, Journal of advanced nursing.

[24]  Christoph Meinel,et al.  A Survey on Essential Components of a Self-Sovereign Identity , 2018, Comput. Sci. Rev..

[25]  Nadine Ostern,et al.  Know-Your-Customer (KYC) Requirements for Initial Coin Offerings , 2020, Business & Information Systems Engineering.

[26]  Katharina Reinecke,et al.  Knowing What a User Likes: A Design Science Approach to Interfaces that Automatically Adapt to Culture , 2013, MIS Q..

[27]  Samir Chatterjee,et al.  A Design Science Research Methodology for Information Systems Research , 2008 .

[28]  Uyen Trang Nguyen,et al.  A New Approach to Client Onboarding Using Self-Sovereign Identity and Distributed Ledger , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[29]  Jim Groom,et al.  The Path to Self-Sovereign Identity , 2017 .

[30]  Jean-Marc Seigneur,et al.  A Survey of User-centric Identity Management Technologies , 2007, The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007).

[31]  Rui Zhang,et al.  Security and Privacy on Blockchain , 2019, ACM Comput. Surv..

[32]  John Callahan,et al.  Using Biometrics to Fight Credential Fraud , 2019, IEEE Communications Standards Magazine.

[33]  Sebastian Clauß,et al.  Identity management and its support of multilateral security , 2001, Comput. Networks.

[34]  Douglas W. Arner,et al.  The Identity Challenge in Finance: From Analogue Identity to Digitized Identification to Digital KYC Utilities , 2019, European Business Organization Law Review.

[35]  Daniel Miehle,et al.  The DLPS: A New Framework for Benchmarking Blockchains , 2021, HICSS.

[36]  Roman Beck,et al.  Theory-generating design science research , 2013, Inf. Syst. Frontiers.

[37]  Spyros Kokolakis,et al.  Privacy attitudes and privacy behaviour: A review of current research on the privacy paradox phenomenon , 2017, Comput. Secur..

[38]  Nils Urbach,et al.  Building a Blockchain Application thatComplies with the EU General DataProtection Regulation , 2019, MIS Q. Executive.

[39]  Willem-Jan van den Heuvel,et al.  Blockchains , 2020, ACM Computing Surveys.

[40]  Michael D. Myers,et al.  The qualitative interview in IS research: Examining the craft , 2007, Inf. Organ..

[41]  Alan R. Hevner,et al.  Design Science Research Contributions: Finding a Balance between Artifact and Theory , 2018, J. Assoc. Inf. Syst..

[42]  Eve Maler,et al.  Decentralized Identity: Where Did It Come From and Where Is It Going? , 2019, IEEE Commun. Stand. Mag..

[43]  Alan R. Hevner,et al.  Envisioning entrepreneurship and digital innovation through a design science research lens: A matrix approach , 2020, Inf. Manag..

[44]  Alan R. Hevner,et al.  Design Science in Information Systems Research , 2004, MIS Q..

[45]  Kalman C. Toth,et al.  Self-Sovereign Digital Identity: A Paradigm Shift for Identity , 2019, IEEE Security & Privacy.

[46]  Norman Mugarura,et al.  Customer due diligence (CDD) mandate and the propensity of its application as a global AML paradigm , 2014 .

[47]  Nils Urbach,et al.  Cross-Organizational Workflow Management Using Blockchain Technology - Towards Applicability, Auditability, and Automation , 2018, HICSS.

[48]  Joan Bezon,et al.  Qualitative Nursing Research: A Contemporary Dialogue , 1991 .

[49]  Michèle Finck Blockchains and Data Protection in the European Union , 2017 .

[50]  Jason Bennett Thatcher,et al.  Blockchain Research in Information Systems: Current Trends and an Inclusive Future Research Agenda , 2019, J. Assoc. Inf. Syst..

[51]  Gilbert Fridgen,et al.  Digital Identities and Verifiable Credentials , 2021, Bus. Inf. Syst. Eng..

[52]  Nils Urbach,et al.  Unchaining Social Businesses - Blockchain as the Basic Technology of a Crowdlending Platform , 2017, ICIS.

[53]  Ross P. Buckley,et al.  The Emergence of Regtech 2.0: From Know Your Customer to Know Your Data , 2016 .

[54]  Rachna Dhamija,et al.  The Seven Flaws of Identity Management: Usability and Security Challenges , 2008, IEEE Security & Privacy.

[55]  Miss Laiha Mat Kiah,et al.  Blockchain Technology the Identity Management and Authentication Service Disruptor: A Survey , 2018, International Journal on Advanced Science, Engineering and Information Technology.

[56]  K. Gopinath,et al.  Towards a More Secure Aadhaar , 2017, ICISS.

[57]  Salvatore T. March,et al.  Design and natural science research on information technology , 1995, Decis. Support Syst..

[58]  Philip J. Ruce,et al.  Anti-Money Laundering: The Challenges of Know Your Customer Legislation for Private Bankers and the Hidden Benefits for Relationship Management ('The Bright Side of Knowing Your Customer') , 2011 .

[59]  Eve Maler,et al.  The Venn of Identity: Options and Issues in Federated Identity Management , 2008, IEEE Security & Privacy.

[60]  Radu State,et al.  Demo: Blockchain for the Simplification and Automation of KYC Result Sharing , 2019, 2019 IEEE International Conference on Blockchain and Cryptocurrency (ICBC).

[61]  Drummond Reed,et al.  The Trust over IP Stack , 2019, IEEE Communications Standards Magazine.

[62]  Hye-Young Paik,et al.  Design Pattern as a Service for Blockchain-Based Self-Sovereign Identity , 2020, IEEE Software.

[63]  Randy H. Katz,et al.  Core Concepts, Challenges, and Future Directions in Blockchain , 2020, ACM Comput. Surv..

[64]  Jan vom Brocke,et al.  Evaluations in the Science of the Artificial - Reconsidering the Build-Evaluate Pattern in Design Science Research , 2012, DESRIST.

[65]  Leon Perlman,et al.  Focus Note: The Use of eKYC for Customer Identity and Verification and AML , 2019, SSRN Electronic Journal.

[66]  Alan R. Hevner,et al.  Special Issue Editorial - Accumulation and Evolution of Design Knowledge in Design Science Research: A Journey Through Time and Space , 2020, J. Assoc. Inf. Syst..

[67]  Alan R. Hevner,et al.  POSITIONING AND PRESENTING DESIGN SCIENCE RESEARCH FOR MAXIMUM IMPACT 1 , 2013 .

[68]  Johnny Saldaña,et al.  The Coding Manual for Qualitative Researchers , 2009 .