KYC Explained

Fiat payment methods are powered by our payment system partners. Each gateway and its provider has its own jurisdiction, local accessibility and may have specific requirements. What makes them do so, are anti-money laundering (AML) and counter-terrorism financing (CFT) regulations. To meet these requirements, we have developed KYC.

KYC (Know Your Customer) is a form of due diligence designed for full, or partial access to their services. Your KYC level defines the fiat gateways available for you.

Generally, KYC is a procedure, or a series of procedures aimed at verifying the following information provided by clients, declaratively or with supporting documents:

  • Contact information, including e-mail and address;
  • Identity, based on government-issued IDs;
  • Residence, based on utility bills, bank statements, or voters' cards;
  • Other relevant information.

These verifications are typically split into a number of individual steps, where more steps completed make user account more functional. Each payment method has its own required steps and it may vary for different payment methods.

You can check the required verification steps in Fintap: go SettingsKYC Status:

Tap on the specific Payment method:

This article does not contain detailed walkthroughs for specific KYC procedures, providing a quick review of the big picture with references to dedicated Knowledge Base articles.

Legal framework

KYC procedures are regulated by Fintap AML policy legally binding for users of our products and services.

Below is the table that provides brief summary of KYC verifications.

Data protection

Multiple types of KYC verification result in collection of plethora of sensitive customer information, which means implemented protection of such personal data shall meet the highest security standards for data-in-motion (when collected), data-in-use (when processed), or data-at-rest (when stored).


These personal data can be used to restore access to account under almost any circumstances: if you lose your credentials or access to your associated mailbox, you can still recover access to your account as long as your identity has been previously verified.

As we use a combination of in-house and contractor-based approach when collecting, processing and storing personal data, we have implemented industry leading standards via a set of security measures to ensure the highest level of protection. These include:

  • A sophisticated security policy, including data loss prevention policy;
  • In-house security officers;
  • DLP tools;
  • Monitoring;
  • Risk management;
  • Regular penetration tests.


  • Platform’s security is constantly monitored, regularly tested, and audited.
  • Identity verification contractors are GDPR-compliant.
  • Server network’s software is always up-to-date.