Despite Cayman’s reputation for fast-and-easy banking, residents of the islands know the headache that can come with opening a personal bank account. One appointment can turn into several, as would-be clients track down the necessary paperwork and await the weeks-long approval process.
If a newly launched blockchain initiative takes root, the once unavoidable slog of such bureaucratic tasks could become as easy as swiping a credit card.
Cayman-based attorneys for Appleby, Sam Banks and Peter Colegate, served as lead legal advisers for the launch of SelfKey, an international project seeking to establish token-based digital identity wallets.
For offshore jurisdictions, Banks described the initiative as a gamechanger for the necessary but often slow process of KYC and AML compliance.
“SelfKey is intended to be a global solution to allow individuals and companies to transact business with each other with a higher degree of confidence with whom they’re doing business, whilst allowing the KYC-onboarding process to be completed in seconds – not weeks,” he said.
For personal purposes, the network would, in theory, provide a once inaccessible level of sovereignty over personal documents. Rather than submitting paper files that are then stored in a company’s potentially hackable databases, users would maintain control of such sensitive information by maintaining certified copies on a protected blockchain network.
“Everyone knows that opening a bank account in an offshore jurisdiction can be painful. But, what if instead of having to provide paper copies of all of your documents, you could keep encrypted versions of each of those documents in a digital wallet that only you possess? These documents would be certified in the usual way: visit a notary, justice of the peace, etc., who’s a ‘certified’ on the SelfKey Network,” Banks said.
The concept of self-controlled, verified digital documents met an enthusiastic investor response when SelfKey released its tokens, issued by a Cayman company, for public sale on Jan. 14. Following a four-day, US$15.8 million pre-sale in December, the public launch in January reached its sales cap in 11 minutes. The offering sold a total of US$22 million. Ninety percent of the proceeds are slated for growth grants, 5 percent for governance and legal expenses, and the remaining 5 percent for operations.
Products available at launch included bitcoin and digital asset exchange signup, citizenship services, company incorporation, and international insurance applications, among others.
SelfKey founder Edmund Lowell described the launch as an important step toward self-sovereign identity and individual rights.
“After the successful sale, we are pleased to be able to carry out our mission to put identity owners in control of their data and change the current centralized approach of identity management systems to one which is decentralized and self-sovereign,” Lowell said in a press statement.
While the initiative boasts a litany of benefits – digitally signed and verified identity claims, data minimization, proof of individuality, proper governance and a user-centric system – the concept must still contend with data protection laws, including Cayman’s recently established legislation aimed at minimizing vulnerable data stores.
Centralized databases are notoriously difficult to secure – as highlighted by major breaches like Equifax, among others – and replicating identity data across blockchain nodes can increase the risk of cybercrime.
“Even if the personal data is encrypted, this still does not solve the problem of legal compliance, as encrypted data can still run afoul of personal data regulations. Anyone sufficiently motivated to seek to re-identify individuals from transaction records held on a decentralized ledger would likely have the wherewithal to re-identify individuals from other available databases,” explains SelfKey’s white paper, posted on the organization’s website.
The SelfKey wallet seeks to overcome such risks by providing users a digital “pen” to apply a unique digital signature to documents. A public key and a private key, only known by the identity owner, are used to authorize transactions.
“Whenever this digital signature is applied, it serves to authenticate and validate the owner’s identity to requesting parties confidentially and securely (without having to appear in person),” the white paper adds.
“Where a username/password combination is stored in a third party’s database, a SelfKey user would never share their private key – this would always remain a secret to the user. At this stage, no one – not even the SelfKey foundation – would know that this was the user’s container, or that the SelfKey number even existed. No other entity issued it, and it was created solely by the user. This is exactly what it means to be self-sovereign.”
The process of sharing KYC documents with a bank, for example, would be secured through public key signatures, Banks said.
“You can then exchange this (document) with your bank by signing it with your public key – and addressing it to your bank’s public key. In this way, only your bank (the intended recipient) is able to open and verify its contents. This process can be done in seconds, automatically by your bank’s back-office systems (with full cross-referencing of terrorist watchlist, politically-exposed persons and other public record sources),” he said in an email.
In coming months, SelfKey will unveil desktop and mobile apps, followed by an anticipated beta corporate identity wallet launch in 2019.
Broadly, Banks hopes to see regulators become more comfortable with blockchain technology and the potential applications from initiatives like SelfKey.
“This is a dialogue that is already happening with regulators in progressive jurisdictions like Estonia, Singapore and Hong Kong. The hope is that once regulators in these first-mover jurisdictions have confirmed that the system satisfactorily meets their compliance requirements, that regulators in other jurisdictions will follow suit,” he said.