Blockchain security firm CipherTrace has formally announced the release of its Travel Rule Information Sharing Architecture (TRISA); a new way for cryptocurrency businesses to satisfy regulatory pressure to enforce the travel rule, which requires financial institutions to share information of fund transfers.
TRISA is described as a reference implementation that can be integrated into cryptocurrency exchanges and wallet provides, provided for free as open-source software. Additional authentication, revocation or security services can then be purchased from CipherTrace or another provider. More details about how it works technically can be found in its white paper.
Growing Pressure for a Cryptocurrency Travel Rule
CipherTrace’s TRISA protocol comes as pressure has been building for cryptocurrency businesses to comply with the travel rule and it isn’t the firm’s first bid to bolster compliance. After the Financial Action Task Force (FATF) finalized recent recommended guidelines for cryptocurrency exchanges, which included information sharing similar to that called for by the travel rule, CipherTrace partnered with Shyft to unveil a new ID protection system in July 2019.
Dave Jevans, CipherTrace’s founder and CEO, detailed how TRISA builds on some of the previous work that CipherTrace has done.
“[TRISA is] a foundational layer that will set up the trust relationships between VASPs [virtual asset service providers], manage the encryption keys and confidentially exchange travel rule data,” he told Bitcoin Magazine. “It is about secure, reliable delivery of PII [personally identifiable information] to the correct VASP, which eliminates a huge risk for exchanges.”
In addition to framing TRISA as a way to protect privacy while complying with regulations, Jevans pointed out that Shyft will “contribute privacy-preserving features to enable compliance with GDPR and other privacy regimes” as it is implemented.
Privacy-Preserving Cryptocurrency Travel Rule Compliance
The FATF’s recommendations would make it necessary for all VASPs to share and store both sender and receiver data for all cryptocurrency transactions, and TRISA aims to make connections between these VASPs more secure.
“TRISA is about confidentiality and ensuring reliable delivery of transaction information,” Jevans said. “The reference implementation relies on the VASPs to secure the data in their possession — i.e., ‘at rest.’ It guards against information leaks by using TLS 1.3 with forward privacy to encrypt data in transit.”
The company’s announcement of the protocol notes that Binance is already looking at TRISA as a solution for FATF compliance.
“We have witnessed significant interest from large VASPs in the G20 countries,” Jevans said, adding that CipherTrace “hope[s] to have several major exchanges participate in the upcoming proof of concept and interoperability testing.”