Hacker News
by mormegil 863 days ago
EU is working on an "EU Digital Identity Wallet". Which might be a good step in that direction. Even though it remains to be seen whether it won't be piggy-backed on some current weak authentication/identification methods in practical implementations.

Even the US had it solved two decades ago at the peak of post-9/11 paranoia. Federal agencies use smartcards internally, there is a federal root, and the copy-cat of that was successfully rolled out in different flavors in several countries in Europe as well.

On the other side of the spectrum, there is the Dutch DigiD, which is the only way to use any government service online and works either with a pure and simple username+password or with a second factor through the app. There is no rocket science involved -- the government agency sends you an activation code to your registered address and you activate the app.

Then there is the Ukrainian Diia, which is kinda both and also bundles government services themselves and a digital ID generator into the same app. But it's all built on top of existing PKI infrastructure that had been used for decades before to tackle the problem of the district tax office doing shenanigans with your tax reports.

Add:

And of course the most no-brainer way to roll it out in the fragmented landscape of the US is to let banks be OAuth2 providers, as they are already tasked with KYC stuff and have a license to lose. See https://www.bankid.com/en/

refs:

https://www.concretecms.com/about/blog/devops/how-make-us-go...

https://diia.gov.ua/

https://www.digid.nl/en/security

> And of course the most no-brainer way to roll it out in the fragmented landscape of the US is to let banks be OAuth2 providers, as they are already tasked with KYC stuff and have a license to lose.

Yeah, the same works in the Czech Republic, the banks provide an OIDC service, including document signing, see https://www.bankid.cz/en

> And of course the most no-brainer way to roll it out in the fragmented landscape of the US is to let banks be OAuth2 providers, as they are already tasked with KYC stuff and have a license to lose.

That doesn't stop banks from pulling all kinds of shit with their customers' identity or what they believe to be that. The amount of credit scams possible in the US is mind-boggling for me as a European.

I feel like the tolerance to fraud is just higher in the US or something, as the alternative is being sent to GULAG right after having your federal ID issued.

> That doesn't stop banks from pulling all kinds of shit with their customers' identity

Such as?

Wells Fargo employees, for example, got caught creating millions of accounts without the consent of the customers to meet unrealistic quotas set by their managers [1], and not just once, but at least three times (2016, 2018, 2023).

[1] https://en.wikipedia.org/wiki/Wells_Fargo_cross-selling_scan...