Blockchain-powered payments and ID platform Nuggets, which removes the need to store sensitive personal or payment data with third parties, revealed that its document storage solution has been chosen as one of the fifth cohort of businesses in the UK Financial Conduct Authority’s (FCA) regulatory sandbox. The sandbox allows businesses to test innovative products, services, business models and delivery mechanisms in a live environment. Nuggets won recognition as part of the second cohort of businesses to be selected. Now, as part of the fifth cohort, Nuggets will begin customer testing of their innovative document storage solution.
Alastair Johnson, CEO and Founder of Nuggets, explains: “Right now, we’re stuck with a system that forces customers to duplicate key processes. As a result, sensitive personal documents are stored in multiple locations with multiple services. That’s a poor experience for customers. More seriously, it greatly increases the risk of data breaches. Recent years have proved, with increasing frequency, just how severe those risks are.”
Many players are looking at attestations as a way forward on this issue. But most banks and services won’t accept each other’s attestations for risk and compliance reasons. This approach also fails to solve the central issue that sensitive personal information is still being stored by third party providers.
Third party providers have been shown to be vulnerable to attack by hackers – for example, in the massive Equifax breach of 2017. This was not an isolated incident: 500 million customers of the hotel group Marriott International were affected by a data breach in 2018. More recently, over 24 million US loan and mortgage documents were breached in a server security lapse.
“What we need is a system that enables individuals to stay in control of their personal documents,” adds Johnson. “That means they can use them to verify their identities without having to store them in numerous third-party locations. This is what Nuggets will be testing in the FCA Sandbox.”
Nuggets’ solution provides a holistic answer to the issues of identity fraud and personal data breaches, by keeping personal and business document data in the hands of individual customers. Using Nuggets, an individual can own and control their documents indefinitely. New documents, such as utility bills, can be added to the original set whenever required in the users digital vault.
All these documents can then be presented in read-only form to a service or regulatory body, or as an attestation if and when attestions are accepted. This gives the service provider time-stamped access to the data for the regulatory period required, without the need to store it themselves – saving them the cost and responsibility of storage.
This new approach could transform the simplicity and security of KYC processes required by current regulations. It also offers exciting potential for the future.
In the context of Open Banking, for example, where customers will be enabled and encouraged to switch providers easily and use a range of different services at once, the importance of simple, secure KYC processes will only increase.