- Cryptocurrency exchange KYC standards have been exposed after a security analyst was able to fool Huobi and KuCoin dressing as Borat and Taylor Swift
- Rich Sanders donned wigs, makeup, and a beard and managed to pass the exchange KYC checks to allow him to trade on the site
- The lack of oversight of exchange KYC undermines authorities’ attempts to improve security
The parlous state of cryptocurrency exchange Know Your Customer (KYC) regulations has been highlighted by a Twitter user who managed to pass checks on KuCoin and Huobi when dressed as Borat and a Borat/Taylor Swift hybrid. Rich Sanders, a blockchain forensics and cybersecurity investigator, managed to clear the KYC protocols of the two exchanges in the frankly disturbing getups, highlighting how cryptocurrency exchange KYC has a long way to go to meet authorities’ demands.
Borat and Taylor Swift Nightmares Clear KYC Checks
Sanders’ first attempt at fooling exchange KYC protocols came in late November and involved dressing as Kazakhstan’s favorite son Borat trying to use a fake Kazakhstan passport to clear identity checks:
Borat: Make Registrations on KuCoin sexchange for make Benefit Glorious Nation of Moonlambostan
CHENQUI. in travels to US&A, i hear at thanksgiving from normie that bit coin make his chrum pump money. Kazakhstan Ministry of Information send me on mission to capture Bitcoin gypsy pic.twitter.com/jwM5eF4eWn
— Rich Sanders [Jan/3➞₿🔑∎] (@Raindropactual) November 28, 2020
Unbelievably, the ruse worked and Sanders’ Khazak homage was cleared for trading on KuCoin under the name Borat Sagdiyev. Seemingly buoyed by his success, or more likely in despair over the state of exchange regulations, Sanders upped his game, swapping Borat’s hair for a blonde wig and adding blue eye shadow, lipstick, and a silver sequin dress to become – in some twisted world – Taylor Swift:
@kucoincom round 2: Taylor B. Swift KYCs on KuCoin.
the B is for BEARD
bonus: passed @HuobiGlobal ‘s first tier. pic.twitter.com/zPDjFb2Pen
— Rich Sanders [Jan/3➞₿🔑∎] (@Raindropactual) December 9, 2020
Incredibly, Sanders’ MTV nightmare passed the checks again, earning him tier 2 trading capabilities at KuCoin and tier 1 at Huobi.
Sanders went on to mock Huobi’s stated aim of targeting money laundering, adding that the cost of running the kind of document authentication program that would have rumbled him as “well under $2/user”:
Cost to run a document authentication (facial comparison + actually running the ID#) is well under $2/user.
KYT tools are often priced by volume, but are typically within the five figure range yearly.
Huobi’s 24h volume reported as $2,752,819,999.
— Rich Sanders [Jan/3➞₿🔑∎] (@Raindropactual) December 10, 2020
Authorities’ Exchange KYC Demands Being Undermined
Regulation of cryptocurrency exchanges has been a key concern of authorities the world over, given that they represent the easiest way for criminals to offload their ill-gotten gains. However, by leaving exchanges to implement such practices themselves and not enforcing minimum requirements, it is clear that the requisite standards are not being met and that criminal activity is likely continuing unchecked.