Incentives decide adoption: why privacy-preserving KYC needs a better economic model
Incentives decide adoption in digital identity
Most teams in the digital identity space assume the best compliance architecture naturally wins. They believe that if the cryptography is mathematically sound and the privacy protections are robust, the market will inevitably migrate toward the superior solution.
What most teams miss is that adoption is decided by incentives, not just architecture. For financial institutions, these digital identity systems live or die on the day-to-day reality of identity verification: cost, workflow, auditability, and user drop-off.
You can have the most elegant, privacy-preserving KYC system ever designed, but if implementation creates workflow friction, procurement delays, and increased costs, it will stall. For financial institutions, “better” personal privacy is rarely enough of a reason to rip out a legacy stack or add another massive line item to an already strained compliance budget.
The missing piece in the privacy-preserving KYC conversation is an economic and workflow model that makes sense for the enterprise. We have to address why platforms keep building their own identity data stores and why the current models actively encourage data hoarding.
Why identity verification keeps creating new data stores
The current state of identity verification is a loop of inefficiency and duplication. Every time a user interacts with a new platform, they undergo a completely fresh round of verification.
From the verifier’s perspective, they cannot easily trust a digital identity check performed by someone else. They need their own evidence trail and governance controls to satisfy regulatory mandates for remote customer onboarding (2). This leads to a massive duplication of sensitive data across the private sector. Every institution ends up holding a copy of the same passport, the same utility bill, and the same biometric scan.
Case study: A typical bank account onboarding journey
A user uploads a photo of their passport and a selfie to open an account. That identity data hits the bank’s front-end application layer. It is then copied into the identity verification vendor’s cloud for processing. Once verified, the data is passed to the bank’s core banking system. A copy is routed to the fraud engine for risk scoring. Another copy goes to the compliance archive for long-term record-keeping. Finally, it is backed up in disaster recovery servers.
From a single onboarding event, that sensitive data has been duplicated across half a dozen distinct systems. Those repeated copies of identity credentials increase breach exposure — and when identity credentials leak, they can be reused for identity theft.
Crucially, this is an expensive architectural pattern. Each of these systems requires its own secure infrastructure, specialized maintenance, and strict data governance oversight. Managing the same PII across multiple silos doesn’t just increase risk; it creates a massive, compounding operational expense for the institution.
Data duplication, data minimization, and operating cost
Data minimization is the practical goal here: collect and retain only what’s necessary for identity verification, auditability, and risk decisions — and avoid building new identity data stores by default.
Most regulated onboarding programs require evidence and auditability around identity verification and customer due diligence (1).
When each verifier collects its own evidence, identity data is duplicated across multiple systems.
Maintaining duplicated data silos drives up operational costs through increased infrastructure requirements and the need for specialized security oversight for every storage point.
Duplicated identity data increases the number of breach targets, even if each target is individually well-secured (3).
Running duplicated identity data is also a cost centre. When the same identity credentials are stored across multiple systems, institutions pay repeatedly for secure storage, access controls, audits, retention policies, and incident response readiness. This is why data minimization is not just a privacy principle: it can reduce the operational burden of compliance, and it aligns with privacy regimes like GDPR and CCPA that push organizations toward collecting and retaining less personal data by default (8)(9). In practice, privacy-preserving KYC can facilitate compliance with these regulations by minimizing the amount of personal data collected and stored (8)(9).
The user experience bottleneck: repeat verification as friction
This duplication isn’t just a backend cost; it is a front-end conversion killer.
In the current model, if a user wants to open bank accounts with five different financial institutions, they must perform five separate KYC processes to prove the exact same thing five times. For the user, this is a repetitive, high-friction chore. For the institutions, this friction directly translates to dropped applications and higher Customer Acquisition Costs (CAC).
Done well, decentralized identity solutions can provide a more efficient, user-friendly KYC experience: users complete identity verification once and reuse a verifiable credential across platforms rather than repeating the full process on every platform. In practice, this can increase completion rates because fewer users abandon long mobile onboarding flows when they don’t have to re-upload documents each time.
The other hidden cost: operating KYC isn’t free
When we talk about identity verification, most people jump straight to privacy and breach exposure. But there’s another cost that shows up long before any breach: the cost of running KYC as an operation.
If you keep KYC in-house, you pay for the workflow: compliance operations, fraud review, escalation paths, evidence retention, vendor management, audits, and the internal systems needed to store and govern identity data.
If you outsource KYC to a third-party provider, you may reduce internal custody and operational load, but you replace it with recurring fees, contractual overhead, and dependency risk. You still have to integrate the workflow and keep an evidence trail.
Most platforms end up choosing between two expensive compliance models: building KYC operations in-house, or paying a third party to run them. Privacy-preserving KYC improves data exposure, but if it arrives as another paid vendor line item, it doesn’t change the incentive problem. That is the adoption bottleneck: teams need a model that reduces total cost of compliance and not only data risk.
The hidden cost: data breaches and the “honeypot” effect
This duplication is more than just an operational headache. It is a massive, compounding security liability. Every time identity credentials are copied into a new system, breach exposure increases — and the likelihood of identity theft rises because the same credentials can be reused across services.
Separation of concerns: de-linking identity from activity
One of the security benefits of privacy-preserving identity architectures is the ability to reduce linkage between identity data and activity data. When systems minimize what they store and separate identity evidence from transaction records, a breach in one environment is less likely to reveal the complete picture.
If a data breach happens at the financial platform, the attacker sees transactions but cannot easily link them to a specific person’s raw PII. Verifyo is one example of a Hold-to-Use approach designed to reduce this raw data replication and unnecessary linkage. By de-linking these data sets, the individual “honeypots” become significantly less valuable.
Decentralized identity solutions can reduce the risk associated with centralized data storage by limiting how much personally identifiable information is stored in one place. This can also reduce the impact of a breach because the attacker is less likely to obtain a complete identity + activity record from a single compromised system. Put simply: reducing centralized identity data storage reduces the risks associated with a single breach target that is often attractive to cybercriminals.
Privacy-preserving KYC in plain English
To move away from data hoarding, we need to understand the architectural tools that allow us to verify facts without endlessly moving files.
Explainer: Issuer, holder, verifier
The modern approach to digital identity relies on an issuer–holder–verifier model. Think of it like a digital version of a nightclub bouncer. The government (the issuer) gives you a license. You (the holder) keep it in your wallet. When you want to enter the club, the bouncer (the verifier) looks at the license to check your age. They do not photocopy it; they simply verify the claim and let you in.
In the digital world, a digital wallet allows the user to hold cryptographically signed claims, presenting them to verifiers only when necessary. In practice, a digital wallet can hold verifiable credentials and support selective disclosure, so the verifier gets the specific compliance signal it needs — not the full file.
Zero knowledge proofs and the technical definitions
A zero knowledge proof lets one party prove a statement is true without revealing the underlying data (4).
Selective disclosure lets a holder reveal only specific attributes instead of an entire credential (5).
Verifiable credentials use an issuer–holder–verifier model, where the issuer signs claims and the holder presents proofs to verifiers (5).
Selective disclosure is often implemented through verifiable credentials presented from a digital wallet, so only the necessary attributes are shared (5).
Zero-knowledge proofs can be used to verify compliance attributes without exposing sensitive personal data. Privacy-preserving KYC can enhance user trust by allowing individuals to control their personal data while still meeting compliance requirements.
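The issuer–holder–verifier flow and selective disclosure described above, sketched as an added example that is not from the original article or from any product it names. It uses the salted-hash form of selective disclosure (not a zero-knowledge proof), and the issuer key is a toy RSA stand-in chosen only so the code runs on the standard library; all names and sample values are constructed.

```python
import hashlib, json, secrets

# Toy RSA issuer key: Mersenne primes, no padding. INSECURE stand-in for a real
# signature scheme (e.g. Ed25519); used so the verifier needs only public values.
N = (2**127 - 1) * (2**89 - 1)
E = 65537                                              # public: (N, E)
D = pow(E, -1, (2**127 - 2) * (2**89 - 2))             # private: issuer only

def _h(obj) -> str:
    return hashlib.sha256(json.dumps(obj).encode()).hexdigest()

def _msg(digests) -> int:
    return int(_h(sorted(digests)), 16) % N

def issue(claims: dict):
    """Issuer: salt and hash every claim, then sign only the digest list."""
    disclosures = {k: [secrets.token_hex(16), k, v] for k, v in claims.items()}
    digests = sorted(_h(d) for d in disclosures.values())
    credential = {"digests": digests, "sig": pow(_msg(digests), D, N)}
    return credential, disclosures        # both go to the holder's wallet

def present(credential: dict, disclosures: dict, reveal: list) -> dict:
    """Holder: send the signed digests plus only the chosen disclosures."""
    return {"credential": credential,
            "disclosed": [disclosures[k] for k in reveal]}

def verify(presentation: dict) -> dict:
    """Verifier: check the issuer signature, then bind each disclosure to it."""
    cred = presentation["credential"]
    if pow(cred["sig"], E, N) != _msg(cred["digests"]):
        raise ValueError("issuer signature invalid")
    claims = {}
    for salt, name, value in presentation["disclosed"]:
        if _h([salt, name, value]) not in cred["digests"]:
            raise ValueError(f"{name}: not covered by issuer signature")
        claims[name] = value
    return claims

if __name__ == "__main__":
    # Constructed sample identity, not real data.
    cred, wallet = issue({"name": "Alex Example", "date_of_birth": "1990-01-01",
                          "over_18": True, "country": "NL"})
    print(verify(present(cred, wallet, ["over_18"])))
```

The per-claim salt is what stops a verifier from guessing undisclosed low-entropy values (a country code, a birth date) against the signed digests. The digest list and signature are identical in every presentation, so colluding verifiers can still link the same holder; unlinkable presentations need a zero-knowledge scheme.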
Why “better architecture” still stalls in the real world
The realities of adoption friction
Procurement and security reviews often extend integration timelines.
Adding a new identity verification system generally introduces workflow friction.
Onboarding friction can reduce completion rates, especially on mobile flows.
Traditional pay-per-check pricing often inadvertently incentivizes data retention.
That’s why decentralized identity and decentralized identifiers keep getting discussed in the private sector, but adoption stalls when the incentive model still looks like “another vendor, another workflow.” In crypto and Web3, this friction is amplified. Many Virtual Asset Service Providers (VASPs) operate across jurisdictions where regulatory expectations are not fully consistent, so identity verification programs often need to adapt to multiple rule sets and risk profiles (10). That complexity increases compliance costs and slows onboarding, which is why crypto platforms tend to treat identity verification as both a security requirement and a growth bottleneck.
Hold-to-Use as incentive design
To fix this market failure, we have to change the economic and operational incentives. This is where Hold-to-Use architecture becomes critical.
Hold-to-Use is an incentive design built around user agency and controlled access. In this model, the user retains control of their attributes, and the verifier requests proofs when needed, rather than collecting and storing full identity files by default.
Breaking the per-check fee cycle
A practical incentive shift is moving away from linear per-check billing. When costs scale directly with every new user, teams rationally look for ways to reduce repeated checks and store more data “just in case.” Models that lower marginal verification costs—while still preserving audit evidence—can make adoption easier, because they reduce budget friction and procurement resistance.
Why free-to-adopt can be a rational mechanism
One approach in this category is Verifyo, which uses a Hold-to-Use model. The core idea is not “free” as a promotion — it’s free as an adoption mechanism. If a platform can meet identity verification requirements while reducing recurring vendor fees and shrinking the amount of sensitive data it must store and govern, the model creates a tangible incentive: lower compliance operating cost alongside lower breach exposure.
Conclusion: adoption follows incentives
The future of digital identity will not be decided solely by the elegance of zero knowledge proofs. It will be decided by economics and workflow integration.
The point isn’t to weaken controls — it’s to make “verified identity” usable as a safer input into fraud and AML programs, so platforms can reduce anonymous abuse while minimizing unnecessary exposure of identity data. Privacy-preserving identity systems can also help prevent financial crime by ensuring that only verified identities are used in transactions, without forcing every platform to store full identity files (1)(7). By shifting to a Hold-to-Use model—where user agency is prioritized and platforms are economically incentivized to adopt—we can finally align the goals of personal privacy, enterprise security, and regulatory compliance.
Operator checklist (what to implement)
Review your identity data storage: How much of it is a liability rather than an asset?
Map adoption hurdles: Is cost or friction the primary blocker in your current workflow?
Explore Hold-to-Use models: Investigate architectures that reduce breach exposure.
Footnotes
(1) FATF Guidance on Digital Identity:
(2) EBA Guidelines on remote customer onboarding:
(3) NIST SP 800-122 Guide to Protecting the Confidentiality of PII:
(4) NIST Glossary: Zero Knowledge Proof:
(5) W3C Verifiable Credentials Data Model v2.0:
(6) W3C Decentralized Identifiers (DIDs) v1.0:
(7) FATF Risk-Based Approach for the Banking Sector:
(8) GDPR Art. 5(1)(c):
(9) California Civil Code § 1798.100(c) (CPRA Data Minimization):
(10) FATF Guidance for a Risk-Based Approach to Virtual Assets and VASPs: