Skip to main content

KYC | Bitcoin Glossary | Mapping Bitcoin

KYC

Geral

Also known as: Know Your Customer, KYC/AML

Know Your Customer, regulatory requirements that compel financial service providers to verify the identity of their users. In the Bitcoin space, KYC typically involves providing government ID and personal information to exchanges, which raises privacy and surveillance concerns.

Overview

Know Your Customer (KYC) refers to the regulatory requirements imposed on financial institutions and service providers to verify the identity of their customers. In the Bitcoin ecosystem, KYC primarily affects centralized exchanges, brokers, and custodial services that operate within regulated jurisdictions. Users must typically provide government-issued identification, proof of address, and sometimes source-of-funds documentation before they can buy, sell, or trade bitcoin on these platforms.

How KYC Affects Bitcoin Users

Buying Bitcoin WITH KYC:
┌─────────────────────────────────────────────────────┐
│ 1. Create exchange account                          │
│ 2. Submit ID documents (passport, driver's license) │
│ 3. Submit proof of address (utility bill, etc.)     │
│ 4. Selfie verification / liveness check             │
│ 5. Wait for approval (hours to days)                │
│ 6. Link bank account or payment method              │
│ 7. Purchase bitcoin                                 │
│                                                     │
│ Result: Exchange has your identity linked to your    │
│ bitcoin purchases and withdrawal addresses           │
└─────────────────────────────────────────────────────┘

Buying Bitcoin WITHOUT KYC:
┌─────────────────────────────────────────────────────┐
│ - Peer-to-peer platforms (Bisq, HodlHodl, Peach)   │
│ - Bitcoin ATMs (some, up to certain limits)          │
│ - Mining bitcoin directly                           │
│ - Earning bitcoin for goods and services            │
│ - Peer-to-peer in-person trades                     │
│                                                     │
│ Result: No identity linked to your bitcoin           │
└─────────────────────────────────────────────────────┘

KYC and AML Framework

KYC is part of the broader Anti-Money Laundering (AML) regulatory framework:

  • KYC: Verify who the customer is
  • AML: Monitor transactions for suspicious activity
  • CTF: Counter-Terrorism Financing regulations
  • Travel Rule: Requires exchanges to share sender/receiver information for transfers above certain thresholds

Privacy Implications

KYC creates a permanent link between a person's real-world identity and their bitcoin activity:

  • Exchange data breaches: KYC information stored by exchanges can be leaked, exposing users to identity theft and targeted attacks (e.g., the Ledger customer database breach)
  • Chain analysis: Once an address is tied to an identity via KYC, all connected transactions can be traced
  • Government surveillance: Authorities can request customer data from regulated exchanges
  • Address clustering: Withdrawal addresses from KYC exchanges become identity anchors for blockchain analysis

The KYC Debate in Bitcoin

Pro-KYC arguments:

  • Required for legal operation in most jurisdictions
  • Helps prevent fraud and recover stolen funds
  • Enables institutional adoption and traditional finance integration
  • Necessary for regulated financial products (ETFs, custodians)

Anti-KYC arguments:

  • Bitcoin was designed for peer-to-peer transactions without intermediaries
  • KYC creates honeypots of sensitive personal data
  • Excludes the unbanked and those without government ID
  • Enables financial surveillance that conflicts with privacy rights
  • Creates a chilling effect on legitimate Bitcoin usage

Mitigating KYC Risks

For users who must use KYC services:

  • Withdraw bitcoin to self-custody immediately after purchase
  • Use CoinJoin or other privacy tools to break the chain of traceability
  • Use different addresses for each withdrawal
  • Consider the exchange's security track record and data retention policies
  • Be aware that post-KYC privacy measures provide limited protection since the initial purchase is already linked to identity

Common Misconceptions

  • KYC does not make Bitcoin itself less private. The protocol is unchanged; KYC only affects users who interact with regulated services.
  • Not all Bitcoin services require KYC. Peer-to-peer platforms, self-hosted wallets, and the Lightning Network can be used without identity verification.
  • KYC compliance does not guarantee safety. Exchanges with full KYC have still been hacked, gone bankrupt, or frozen user funds.
  • "No KYC" does not mean "illegal." In many jurisdictions, peer-to-peer Bitcoin transactions between individuals are perfectly legal without KYC requirements.

Termos Relacionados

Custodial WalletSegurança

A Bitcoin wallet where a third party holds and controls the private keys on behalf of the user. While convenient, custodial wallets require trusting the provider with your funds and are subject to counterparty risk.

Chain AnalysisSegurança

The practice of examining Bitcoin blockchain data to trace transaction flows, identify address clusters, and de-anonymize users. Chain analysis firms provide surveillance services to governments and financial institutions, motivating privacy-enhancing techniques.

Non-CustodialSegurança

A wallet or service where the user retains full control of their private keys and does not rely on a third party to hold funds. Non-custodial solutions embody the Bitcoin principle of 'not your keys, not your coins.'