[creer]

In practice, how do these system expect the kids (much more technically savvy than their parents, and with a motive) not to get their hands on their parents'? (As you know, kids often get access to credit cards without parents knowledge.)

[vlovich123]

Biometrics identification required to release the record (eg the Secure Enclave in iOS could sign it)

You can believe that a standard committee of very smart people (technical and regulatory) was thinking about all these problems so saying “what about X” isn’t helpful when X is an obvious concern.

A sufficiently advanced attacker could probably figure something out (especially with these 3p apps which are bound to have security flaws), but it will be out of reach for most people (these apps will hopefully be discontinued once the OS wallets integration is complete - they should only be used for pilot programs and if they’re not they will be stopped once they become a known vector of identity theft).

The harder problem is attestation for >13 services since kids that age may not have digital devices and government ID but that’s a government policy problem to figure out.

[creer]

> You can believe that a standard committee of very smart people (technical and regulatory) was thinking about all these problems so saying “what about X” isn’t helpful when X is an obvious concern.

Really? Doesn't HN show on a monthly basis that no, exactly nothing directly follows from that premise? Typically the committee has completely different incentives and directions from, well, half the planet's wants?

At that stage though, mine was just a question. I was curious.

> they will be stopped once they become a known vector of identity theft

Okay. I'll agree to disagree. See US Social Security Numbers, cell phone numbers, credit card system...