Add a field in the smart contract for managing SelfKey IDs that allow SelfKey IDs to declare a public key for the purposes of encrypted exchange.
This field should allow for the public key encryption algorithm to be specified (therefore allowing multiple algorithms to be used), as well as the actual public key itself.
KYC is centered around identity therefore at all points of interaction within the SelfKey marketplace, identity owners exchanging identity documents with verifying parties or relying parties should be able to ensure that their document was sent only to the particular party (proof of custody / chain of custody verification). This would ensure that any HTTP(S) endpoints that were compromised did not necessarily leak the data as the data would only be able to be opened by the respective private key.
Given the nature of KYC and the fintech industry, it is a foregone conclusion that it is a matter of time before KYC information determined / built on the SelfKey platform will be used in a court of law, where chain of custody will be critical to the outcome of that legal matter. Ensuring chain of custody will capture the full legal value of the KYC process.
By allowing public keys for SelfKey IDs to be specified, this allows for a decentralised PKI to be built on top of the SelfKey system. One method that this may manifest itself is a decentralised PGP key store...
A decentralised PGP key store (specified by the PGP algorithm followed by the associated public key) to verify signatures / encrypt messages destined for a specific SelfKey ID. Developing an API for this would allow developers to integrate this into their systems allowing for greater (near infinite penetration) for SelfKey ID, even outside of the KYC application.