At an unknown date the KYC contract that Miner One had with provider Ondato has been cancelled and all data has been returned to Miner One.

KYC which stands for Know Your Customer or alternatively Know Your Client is used to verify the identity of a client and assessing potential risks and is also a part of Anti Money Laundering (AML) requirements that have been a part of the finance industry for a long time.

Miner One required KYC to be completed before tokens would be distributed, they way it worked was you take a photo front and back of your government issued identification (drivers license normally) or a photo front and back of the passport page with your photo and upload this. The next step is a selfie and normally it is requested that you hold a piece of paper with some information including the date on there with your identification document however Miner One only requested a selfie.

The data is sent to a third party service which in this case was Ondato who verify the information given against the photos provided and send back a pass or fail to Miner One.

Services such as Ondato hold onto this information but in the case of the contract being cancelled all the data including photos of identification, selfie and other data they looked up to verify your identification is sent to the company. It has been verified by the company that all data has been returned to Miner One however I was unable to verify the date which of courses raises the question as to why an ICO that is still running would cancel their KYC service?

In this case Miner One that is a known scam has hold of information that has resale value or can be used for identity fraud. This is a huge issue and one that will be looked at in more detail.

Join the Conversation

3 Comments

  1. So if I understand this correctly, the photos during KYC process was not available to Miner One, but when a customers stops paying to Ondato, Ondato will give photos to that customer (Miner One in this case)? But that is huge issue with the Ondato, for sure against any privacy rules and GDPR.

    1. Whilst the customer is paying I understand that Ondato hold all the data but I assume (and I will clarify this later on when I write an article on the KYC issues) that Miner One can access this data either at request or via a login. When the customer (Miner One) terminates the relationship all the data is returned to Miner One in it’s entirety. Again Ondato are the not the only ones that do this.

      This is one of the biggest issues with KYC, there is no secure place that holds onto the data and in this case you have a scam ICO with people that are proven to be utterly untrustworthy and they are now in possession of information that can sell or misuse. The other issue is how do they store it? Is it stored somewhere encrypted or on a usb flash drive? It’s not like Miner One is the only scam ICO as well.

  2. Bonsoir que devons-nous faire alors ? J’aimerais bien que cela se règle car j’y ai investi toutes mes économies . Pour ma part je n’ai plus rien… et surtout plus rien à perdre . J’espère que cela va se réparer ( soit mon argent) . Vu que j’ai tout perdu ( mon couple s’écroule à cause de tous ça ) pour l’instant je patiente mais je suis prêt à me faire justice moi même si il le faut. Avec toutes les personnes qui ont participé à tous cela . Leurs photos leurs visages sont bien enregistrés et le monde est petit . Sur ce merci Matthew pour ton travail.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.