LogoLogo
  • ID DWN Protocol
  • Guides
    • Introduction
    • Issuing Credentials
    • Verifying Credentials
    • Credential State
    • Identifier Methods
    • Smart Contract Interfaces
    • Credential Wallets
  • REFERENCE
    • Quick Start
      • Installing the ID DWN SDK
    • Schemas
      • KYC/KAML
    • Message Formats
    • DIDs and VCs
Powered by GitBook
On this page
  • Attestations
  • Purpose
  • Example
  • Attributes
  • Recommendations
  1. REFERENCE
  2. Schemas

KYC/KAML

Know your customer and Anti money laundering verification schema

Attestations

Purpose

Represents an attestation a KYC/AML process has been performed according to a specified defined process. A KYC/AML process is defined at the country-level, referenced as linked data.

The KYC/AML attestation structure is intended to address regulatory compliance only, and not filtering on additional personal data attributes. An example of the latter is filtering out users based on state residence for idiosyncratic compliance purposes. This distinction helps reduce required attributes about the credential subject (and finer-grained personal data) within the credential.

Example

{
  "type": "KYCAMLAttestation",
  "process": "https://dwn.vc/definitions/processes/kycaml/0.0.1/usa",
  "approvalDate": "2022-04-01T15:00:00.007Z"
}

Attributes

"type" Attribute

The "type" attribute MUST be "KYCAMLAttestation". Use of this attribute is REQUIRED.

"process" Attribute

The "process" attribute is used to define which KYC/AML process was performed. The "process" attribute value is a stringOrURI referencing the KYC process performed. Use of this attribute is REQUIRED.

"approvalDate" Attribute

The "approvalDate" attribute is used to define the date of KYC/AML process completion, which may be on or before the issuanceDate of the credential (in the outer VC wrapper). The "approvalDate" attribute value is an ISO 8601-formatted string. If not present, then the attribute value is assumed to be the same as the Verifiable Credential issuance date. Use of this attribute is OPTIONAL.

Recommendations

  • Issuers take responsibility for revoking issued credentials due to updates to sanctions lists

  • Verifiers must ensure they update verification results per updated issuer actions

  • Verifiers are expected to determine fitness-for-purpose based on awareness of process definitions

  • Additional details obtained during the KYC/AML process should not be included in the attestation. For example, service provider scores are not needed and will leak personal information.

  • Support for use cases that require additional data (such as residency information) should be accomplished in ways that enable the subject to provide the least amount of data required. This may be accomplished with ZKPs or by issuing separate credentials containing the additional attributes, enabling wallet aggregation of minimal required data.

ID DWN initial release contains only the USA KYC/AML process definition (https://dwn.id/definitions/processes/kycaml/0.0.1/usa). Additional process definitions can be developed based on existing practices/requirements per country.

PreviousSchemasNextMessage Formats

Last updated 1 year ago