KYC providers
GNU Taler operators need to satisfy regulatory requirements in terms of Know-your-customer (KYC) regulation and risk assessment (which usually starts with checking for politically exposed persons (PEPs)). KYC usually requires at the minimum for the customer to upload some identity documents, which then must be verified. KYC often also requires some kind of lifeness checks to ensure that the owner of the documents is the one passing the documentation along. To this end, we have tried to find KYC "solutions" that would help us address this.
Naturally, the goal is to do this with Free Software. However, all of the solutions we found so far are proprietary SaaSS. If you know of a solution that is actually Free Software, we would be eager to hear from you.
In the absence of a proper FLOSS solution, we have looked at other important criteria, such as the solution offering at least FLOSS integration on the client-side, having an open API specification (no NDA!), or even supporting a standard API. Technically, we also need the KYC provider to work nicely over the Web (not just with a smartphone), and from a business perspective we like transparent pricing (alas, this is the least important point).
Criteria Summary
Thus, these are the key evaluation criteria we have:
- Supports collecting and validating KYC information, including PEP lists and ID documents from Europe
- Open API specification (no NDA, directly on web site)
- Web interface support (no required app-only integration, can run KYC process just in a browser)
- Supports standard open API (OpenID, OIDC, etc.)
- Client-side code is FLOSS (no proprietary JavaScript and/or FLOSS app integrations)
- Transparent pricing (prices not only upon inquiry)
- Server-side is fully FLOSS (not SaaSS)