CipherTrace, a leader in blockchain security, introduces an open source Travel Rule Information Sharing Architecture (TRISA). This secure and trustworthy framework enables cryptocurrency exchanges to comply with new funds Travel Rule requirements.
Virtual Asset Service Providers (VASPs) can immediately begin deploying TRISA to reliably share payment details while maintaining the confidentiality of Bitcoin transaction data—ranging from customers’ personally identifiable information to their trading patterns. The TRISA whitepaper and open source software is available today.
TRISA addresses the urgent need for VASPs to comply with the “Travel Rule” that was finalized by the FATF—the global anti-money laundering watchdog—in late June. The new rule compels VASPs in all G20 countries to share and store private sender (originator) and receiver (beneficiary) information related to every cryptocurrency transaction over USD/EUR $1,000.
A number of voices in the virtual asset community have criticized the FATF requirement, claiming it would cripple cryptocurrency exchanges and violate user privacy. However, TRISA enables immediate Travel Rule compliance with minimal impact on transaction flows, all without the need to fork existing blockchains.
It was designed to scale to the volumes required by exchanges while furnishing 7×24 reliability, making the architecture reliable under peak demands and resistant to denial-of-service attacks (DoS).
Already, major exchanges and wallets, such as Binance, are considering the solution as a viable option for compliance.
Based on proven internet commerce, banking, and secure communications technologies
CipherTrace has designed and delivered a solution built upon security and cryptography technologies that have been proven for years to secure banking, ecommerce, and government communications. TRISA applies trusted Public Key Infrastructure (PKI) to mutually authenticate VASPs and securely transmit sensitive transaction data.
VASPs currently face difficulty in determining whether a transfer is coming or going to an obliged entity or not. TRISA’s security design minimizes the risks of VASPs sending PII (Personally Identifiable Information) to the incorrect entity with the VASP Address Confirmation Protocol.
Digital signatures provide digital proof of delivery and have been accepted globally for nonrepudiation.
The solution is a reference implementation that is scalable for exchanges and wallet providers. It is provided free of charge as open source software. VASP authentication, revocation and security services are offered by CipherTrace, but can also be provided by other companies, government agencies or consortia due to the open source nature of TRISA and its governance model, which is vendor agnostic.
TRISA is not only practical as a much-needed near-term solution, but also aligns with the FATF’s recommendation to use existing trusted technologies. TRISA not only lends itself to open source and governance models, but also comprises a solution that will enable the cryptocurrency industry to achieve regulatory compliance quickly and with minimal cost. Plus, it will enable scalable solutions and an open global marketplace.
BSA Travel Rule now applies to convertible virtual currencies
Further complicating “Travel Rule” compliance for VASPs, in May 2019, the US Treasury’s Financial Crimes Enforcement Network (FinCEN) issued an advisory that it will now categorize certain business models involving money transmission denominated in value that substitutes for currency—specifically, convertible virtual currencies (CVCs)—as money service business (MSBs).
This designation means they should now comply with the long-standing Bank Secrecy Act (BSA) transmittal of funds “Travel” rule 31 CFR 103.33(g).
“CipherTrace developed TRISA to help the virtual asset community meet the daunting task of complying with the Travel Rule, and many are very interested in testing it,” said CipherTrace CEO, Dave Jevans.
“By applying the team’s deep security expertise to this challenge we help avoid major technical and process pitfalls. For example, rather than trying to modify blockchains, we are proposing a reference architecture that creates a separate out-of-band security mechanism to augment existing blockchains and cryptocurrencies for compliance purposes.”
The primary technology partner collaborating with CipherTrace to release TRISA is Shyft Network, a blockchain designed to embed trust and validation into data across open and permissioned networks alike.
Shyft Network has developed an architectural solution that is ready to deploy as core infrastructure in the TRISA framework, which includes cross-platform user interoperable authentication and sign-on, top-level coalition formation and management, and privacy-preserving identity credential attestation to enable encrypted communication and compliance.
As partners, CipherTrace and Shyft Network have built a solution to serve the needs of the many networks, exchanges, and users in the digital asset ecosystem.
“We’re proud supporters of the TRISA initiative and excited to be working with CipherTrace as a partner due to our shared focus on privacy preservation, security, and decentralized community governance,” said Chris Forrester, Shyft Network Co-founder and CTO.