Today's biggest melon, Coinbase KYC data leaked a lot, and the Chinese area has not seen relevant discussions. Industry sources estimate that the incident caused at least hundreds of millions of dollars in losses to the exchange and dealt a heavy blow to its business reputation.
A few quick things to say about cryptography and digital identity fraud:
1. The KYC data in the hands of various virtual asset service institutions such as exchanges is basically a time bomb. Once an accident happens, it will hurt the muscles and bones, and the door will be closed at the worst.
2. Many financial institutions are still storing sensitive data, including user KYC data, in clear text. /shrug
3. Encryption algorithms such as AES256 can already protect sensitive data. There is no way for an average hacking group to crack such encryption algorithms. But the problem is, they don't need to crack at all because it's easy to find password.txt files on the same server.
4. The design and implementation of a secure, reliable, flexible and convenient encryption, decryption and key management system is very, very difficult. It's even more difficult to use a simple and secure user interface to involve the company's non-technical executives in the management of permissions to encrypt data without introducing any additional security risks.
5. After the user's KYC data is stolen, criminals will use various means to defraud users in order to defraud their crypto assets.
6. The vast majority of scams succeed because of identity fraud. In other words, if users can identify the real identity of the person who emails, texts, calls them, in a very simple and effective way, then 99% of scams will not happen.
7. Tools to prevent fraud and data theft are like the latest body armor or airbags. No one cares before the accident, and it's too late to care after the accident.
8. Data encryption algorithms, secure and convenient key management, and digital identity fraud prevention are one of the best application scenarios of Web3/blockchain technology. Unfortunately, public chains such as ICP that focus on such scenarios generally do not receive much attention.
Finally, whether it is public welfare, we will continue to make efforts in this direction.
Show original
4.11K
6
The content on this page is provided by third parties. Unless otherwise stated, OKX is not the author of the cited article(s) and does not claim any copyright in the materials. The content is provided for informational purposes only and does not represent the views of OKX. It is not intended to be an endorsement of any kind and should not be considered investment advice or a solicitation to buy or sell digital assets. To the extent generative AI is utilized to provide summaries or other information, such AI generated content may be inaccurate or inconsistent. Please read the linked article for more details and information. OKX is not responsible for content hosted on third party sites. Digital asset holdings, including stablecoins and NFTs, involve a high degree of risk and can fluctuate greatly. You should carefully consider whether trading or holding digital assets is suitable for you in light of your financial condition.