Crypto and Web3

The job identity does in this industry

Web3 identity bridges two worlds: cryptographic wallet identity (no central authority) and regulated KYC identity (required for fiat on-ramps and centralized exchanges). Most production systems implement both side by side.

Use cases by segment

• DeFi protocols: Wallet-only identity, optional KYC for higher tiers
• Centralized exchanges: Full KYC with identity verification, sanctions screening, transaction monitoring
• NFT platforms: Wallet identity plus social profile, anti-wash-trading checks
• Crypto wallets: Self-custody key management, social recovery, account abstraction
• Web3 consumer apps: Embedded wallets, passkey-based key custody, email login flows that hide blockchain complexity

Vendor landscape

Dynamic, Privy, Magic, and thirdweb compete on embedded wallet infrastructure that abstracts crypto complexity from end users. For KYC, Persona, Sumsub, and Jumio are common picks. Chainalysis and TRM Labs lead transaction monitoring. ENS provides human-readable identifiers; DID and Verifiable Credentials are the standards layer.

Common pitfalls

• Forcing users to manage seed phrases — most consumers can't
• Confusing wallet authentication (cryptographic) with identity verification (regulatory)
• Building KYC flows that block legitimate users in high-fraud regions
• Storing crypto on infrastructure not built for the loss profile (no FDIC, irreversible)
• Treating wallet-derived identity as portable when it's actually pseudonymous and linkable

Outlook

Account abstraction (ERC-4337) makes wallets behave more like regular accounts with recovery, gas sponsorship, and session keys. Passkey-secured embedded wallets will replace seed phrases for consumer apps. MiCA goes into full effect in the EU. Expect KYC vendors to deepen crypto-specific risk scoring (mixers, sanctioned addresses).