JPMorgan adds KYC-defeating technology to Ethereum-based payment privacy tool Zether

Just as international financial regulators are about to announce stronger “know your customer” requirements for cryptocurrencies, banking giant JPMorgan Chase has released software designed to help people avoid them.

JPMorgan Chase told Coindesk on May 29 that it was releasing an open source protocol designed to help users of Ethereum-based cryptocurrencies hide their identity during financial transactions.

The extension encrypts the identity of users of Zether, a privacy-focused payment tool that works with Ethereum based cryptocurrencies and smart contracts. Zether uses zero-knowledge-proof (ZKP) technology to hide transaction details, but does not at this point obscure users’ identity. JPMorgan’s addition will add that feature. This will make the Zether token (ZTH) similar to privacy coin Monero (XMR).

“In the basic Zether, the account balances and the transfer amounts are concealed but the participants’ identities are not necessarily concealed,” JPMorgan Quorum and crypto-asset strategy head Oli Harris told Coindesk. “So, we have solved that. In our implementation, we provide a proof protocol for the anonymous extension in which the sender may hide herself and the transactions recipients in a larger group of parties.”

What makes open-sourcing the Zether anonymity tool surprising is that as a leading bank, JPMorgan is strongly committed to following know your customer (KYC) and anti-money laundering (AML) regulations. This applies to its forays into cryptocurrency. The bank made very clear that users of its newly announced, institutional client-focused JPM Coin stablecoin would have to undergo KYC scrutiny before being given access to the cryptocurrency.

Harris pointed to the Zether protocol’s usefulness in enterprise blockchain-based consortia using its Ethereum-based Quorum blockchain. The enterprise consortia JPMorgan is focusing on are generally made up of competitors in a single industry, in which working together has benefits, but participants don’t want to give other consortium members any access to proprietary information. So, hiding all details of transactions from other consortium members makes sense. And as these consortia are not open to the public, KYC regulations do not apply.

Among the consortia using Quorum is the Synaptic Health Alliance, which is working with healthcare industry companies like insurers Humana and UnitedHealthcare to create a joint database of doctors to share the burden of federal regulations requiring insurers to keep an up-to-date database of healthcare providers. Even though no proprietary information is shared, consortium members have been hesitant about working with competitors.

But, Harris added, the tool could also be used on publicly accessible blockchains to enable anonymous transactions. These are the focus of forthcoming regulations by the Financial Action Task Force (FATF), an international body created by the Group of 7 (G7) countries. While its pronouncements are technically suggestions, not enacting them will get a country on a blacklist by the seven largest economies in the world—effectively locking them out of the global banking system.

Among other things, the FATF requirements coming into effect will likely force cryptocurrency transactions to follow the “travel rule” which requires banks sending international wire transfers to include in the transaction more robust KYC information containing the name, account number, address, date and place of birth, and national identity number (for example a social security number) of the sender, as well as both the account number and name of the recipient, in the transaction. Within a single country, that information must be available to authorities on request.

Aside from FATF, The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) recently released guidelines for virtual currencies that essentially require cryptocurrency transactions to follow the AML rules banks do, including verifying and recording KYC information, and designating personnel to oversee it. They must also assess their clientele, financial services offered, and geographies served for the risk of financing terrorism, supporting money laundering, and enabling financial crimes.

Many in the cryptocurrency industry have called these two sets of requirements difficult if not outright unworkable for technological reasons, including KYC/AML and blockchain analytics services provider Chainalysis. In a public comment to the FATF, the company’s COO Jonathan Levin and Global Head of Policy Jesse Spiro argued that increasing these requirements could drive crypto users to unregulated and decentralized peer-to-peer exchanges, making KYC and AML tracking even more difficult.