In Switzerland and the Netherlands, a Virtual Asset Service Provider (VASP)—any financial intermediary dealing with crypto assets such as Bitcoin—is legally obliged to require proof of ownership of a customer's wallet address before withdrawals and deposits can be made. AOPP is a simple and automated solution for providing proof of ownership of an external wallet's address.
The following wallets already have, or will soon have*, built-in support for AOPP.
As of August 2019, Swiss VASPs are obliged to require proof of ownership of a wallet address for withdrawals and deposits to the non-custodial wallets of their customers.
"A transfer from or to an external wallet belonging to a third party is only possible if, as for a client relationship, the supervised institution has first verified the identity of the third party, established the identity of the beneficial owner and proven the third party's ownership of the external wallet using suitable technical means."Swiss Financial Market Supervisory Authority (FINMA) is the Swiss government body responsible for financial regulation.
"Payment transactions to and from external wallets are only permitted where the wallets are owned by a member's own customer. The customer's authority over the external wallet must be verified using suitable technical measures. Transactions between customers of the same member are permitted."The Financial Services Standards Association (VQF) is Switzerland's leading self-regulatory organisation (SRO) for VASPs. As an SRO officially recognized by the FINMA, the VQF is obliged to supervise its members with regard to the combating of money laundering and the prevention of the financing of terrorism.
The Dutch Sanctions Act stipulates that VASPs must take measures to ensure they adequately check ownership of a wallet address before withdrawals from or deposits to a customer's non-custodial wallet.
"The provider must establish that this person or legal entity is actually the recipient or the sender. ... Providers can whitelist external wallets using technological means."De Nederlandsche Bank (DNB) is the central bank of the Netherlands. It supervises banks, investment institutions, and exchange offices.
Full compliance with FINMA guidance, VQF regulations, and DNBs' interpretation.
Proves ownership with digital signatures instead of sending crypto assets or asking for screenshots, thereby enhancing user experience.
Does not require address reuse and so preserves conventional best-practices for privacy.
Adopting the digital signature standards that Bitcoin uses makes it straightforward to implement for developers.
The wallet communicates directly with the VASP. No intermediary needed.
Eliminates Man-in-the-middle attack (MITM) from crypto-malware by avoiding copy/paste of addresses.
Wallet developers, VASPs and Bitcoiners on their experience with AOPP: