by null_object 1936 days ago
> BankID doesn't store any information

I work with systems that use BankID identification, and know for a fact that you are wrong, because many (though not all) of the data points collected by the banks can be retrieved for payment.

For instance, if you just logged in with the service I work with, I can retrieve your full name, birthdate, your marital status, name of your spouse, their birthdate, any children and their IDs and names, where you live, your home and cellphone number, and many, many other data points.

From a service owned by a small group of private banks.


That is all public data. You can get that through open channels like birthday.se as well. I've been at BankID and I know for a fact exactly what information they store. They store only what is necessary from a regulatory standpoint.

Are personal mobile phone numbers considered public information in Sweden?

You can get a phone number without registering it to your name, but otherwise yes. Most people's phone numbers can be found online, as well as reverse (find someone's name by phone number).

A paradise for identity theft

Requiring strong ID verification (from government ID or the digital ID we're discussing) helps protect against identity theft. Other countries I've lived in that use very weak forms of ID ("a utility bill in your name") seem like much bigger paradises for identity theft.

I'm talking about cross-border identity theft. The public data of Swedish citizens is sufficient for weaker identity systems in other countries.

Practically, identity theft the way you think about it is very rare in Sweden; more common are social engineering attempts like calling people and asking them to use their MobilBank ID while the caller logs in in their name.

Remember that personal ID numbers are not a big secret in Sweden either, and still we don't see any big problem with that.

> your full name, birthdate, your marital status, name of your spouse, their birthdate, any children and their IDs and names, where you live, your home and cellphone number, and many, many other data points

Those things have nothing to do with BankID and everything to do with the government person-number database. They were available as open data before BankID existed.

But surely if someone has your person number then they can retrieve all that information from companies like Ratsit and the like. Is there specific information you can get via BankID that isn't generally available from other 'open' databases?

What information are you thinking about? You can get a person's yearly tax statement without BankID, but you can't see their bank account details.