[wanderingbort]

How do you know that the bouncers scanning machine didn’t log the interaction?

The whole value prop is built on not trusting that bouncer and by extension their hardware.

Everything would have to be encrypted leading to the bouncer also needing to establish that this opaque identifier actually belongs to you. This is where some picture or biometric comes into play and since the bouncer cannot evaluate it with their own wetware you are surrendering more data to a device you cannot trust.

They also cannot trust your device. So, I don’t see a scenario where you can prove ownership of the ID to a person without their device convincing them of it.