Several dozens of “Know Your Customer” (KYC) certificate providers have appeared online overnight, making it difficult to know which one to trust. In addition, hundreds of crypto projects claim their development team has been KYC’d, implying to their community and to potential investors and partners that they are “verified” and “trustworthy”. Unfortunately, however, many of these KYC certificates are at worst, completely falsified, or at best, unreliable, because they were conducted by amateurs.
Here are 5 simple indicators for determining whether a KYC certificate is fake or unreliable:
- The KYC certificate is forged or counterfeited- It is very easy for fraudsters to photoshop a fake KYC certificate or badge for their project, and then publish it on their website or socials. You can detect a fake certificate by spotting inconsistencies, for example spelling mistakes, or if specifics like the date and validity duration are missing. You should also be able to verify the authenticity of a KYC certificate or badge directly on the issuer’s website.
- The auditing company does not exist- If you click on the KYC certificate issuer link, you might find out they don’t really exist (for example it leads to a simple Github page), or that it was issued by a front website, without any qualifications nor registration. This means that the certificate you are looking at is pure marketing and has absolutely no value in risk mitigation.
- The auditing company does not have professional investigators- Investigating and detecting concealed fraudulent activities is very difficult and requires solid investigative training and years of experience. Amateur KYC verifications lack a team of professional law enforcement investigators and intelligence analysts, which are necessary in order to detect fraudulent applications.
- The KYC is based mainly on a simple ID check- The majority of KYC verification processes today do not include real background investigations, meaning fraudsters can easily avoid detection by using fake IDs, hiding behind secondary team members, or hiring actors to pass the ID check for them. This lack of a true background investigation allows criminal developers to take advantage of these unreliable certificates to scam investors.
- The auditing company does not have international capacity- if the auditing company is too small or has not invested in hiring experienced investigators from different continents and cultures, they will not be able to verify the local background information of remote team members. Since most crypto project teams have multiple remote members, it creates a weakness in their verification process and their KYC results are unreliable.
Now that you know how easily a team with fraudulent intent (scam, rugpull, etc) can produce a fake KYC certificate, or even pass a basic one, it is vital to double-check the authenticity of each certificate, and the investigative capacity of its issuer, prior to investing or partnering with a project team.
Certik’s KYC process is carried out by experienced law enforcement investigators and intelligence analysts and has been designed to carry out the appropriate level of due diligence, and the authenticity of each CertiK KYC Badge is verifiable on the CertiK Security Leaderboard. Get in touch to learn more about how CertiK KYC can create greater trust for projects and their communities.