Every tokenized security offering in the United States requires Know Your Customer (KYC) verification before an investor can participate. An accredited investor must prove accreditation. A qualified purchaser must demonstrate net investment holdings. An institutional investor must be identified and screened against OFAC sanctions lists. In the traditional securities world, this verification is performed separately by each broker, bank, or fund administrator — investors re-verify with every new platform.
The result in tokenized markets: an investor who completes KYC with Securitize cannot automatically invest through tZERO, INX, or another platform without repeating the process. Each repeat increases compliance cost, slows time-to-investment, and creates friction that limits market participation. Digital identity standards seek to solve this through portable, verifiable credentials that an investor verifies once and reuses across multiple platforms.
W3C Verifiable Credentials
The World Wide Web Consortium (W3C) published the Verifiable Credentials (VC) Data Model as a recommendation in 2019. VCs are a general framework for issuing and verifying digital credentials in a standardized, privacy-preserving way:
Issuer: A trusted entity (KYC provider, employer, university, government) that issues a credential asserting a fact about the holder.
Holder: The individual or entity that holds the credential in a digital wallet.
Verifier: Any relying party that accepts the credential for access, compliance, or other purposes.
A VC for “accredited investor status” might be issued by a KYC provider after they verify income and net worth documents. The holder stores this credential in their digital wallet. When accessing a tokenized PE fund on Securitize, they present the credential. Securitize verifies the credential’s cryptographic signature (confirming it was issued by a trusted KYC provider) without needing to re-conduct the underlying document review.
Key privacy property: VCs can use selective disclosure — the holder proves they are an accredited investor without revealing their specific income or net worth figures. Zero-knowledge variants (ZK-VCs) prove claims without revealing any underlying data.
Circle Verite
Circle released Verite as an open-source implementation of W3C VCs for crypto-specific compliance claims in 2022. Verite defines standard credential schemas for: KYC/AML verification, accredited investor status, credit risk assessments, and jurisdiction-based eligibility (e.g., “not a US person” for international offerings).
Verite’s design: the credential is issued by a compliant KYC provider (using standard VC format), held by the investor in any compatible wallet, and verified by any Verite-compatible application. Circle released Verite royalty-free to encourage ecosystem adoption. Center Consortium (Circle and Coinbase’s standards body) has incorporated Verite into its standards roadmap.
ONCHAINID and ERC-3643
ONCHAINID is the identity system embedded in the ERC-3643 security token standard, developed by Tokeny Solutions. Rather than storing identity credentials in a digital wallet (off-chain with on-chain verification), ONCHAINID stores claims on-chain in a smart contract linked to the investor’s wallet address.
How it works: a trusted claim issuer (KYC provider) signs a claim (“this wallet is KYC verified,” “this wallet belongs to an accredited investor”) and posts it to the ONCHAINID registry. When an ERC-3643 token transfer is attempted, the token’s compliance smart contract queries the ONCHAINID registry for the receiving address’s claims and allows or blocks the transfer accordingly.
ONCHAINID is the most widely deployed on-chain identity system for security tokens, used by Tokeny’s 100+ tokenization clients across Europe and North America. It satisfies FinCEN Customer Identification Program requirements when the underlying KYC is performed by a regulated financial institution that maintains the underlying documentation.
Polygon ID
Polygon ID uses zero-knowledge proofs to enable identity verification without revealing the underlying data. An investor proves they are a KYC-verified EU resident without revealing their passport number, address, or other personal data. The ZK proof is generated client-side in the investor’s wallet; the verifier receives a mathematical proof, not personal data.
This is the most privacy-preserving approach to blockchain identity and is GDPR-compliant by design (no personal data transmitted or stored on-chain). Polygon ID uses the Iden3 protocol and Circom ZK circuit library.
Regulatory Acceptance
FinCEN’s Customer Identification Program rules require financial institutions to collect and verify identifying information. Blockchain-stored credentials satisfy this requirement when: (1) the underlying KYC is conducted by a regulated financial institution or its agent, (2) the institution maintains the underlying documentation records as required, and (3) the blockchain credential provides a cryptographically verifiable link to those records. Multiple securities regulators have confirmed this framework in no-action letters and informal guidance. The credential is an efficiency tool, not a replacement for the underlying regulated KYC process.