by TacticalCoder 727 days ago
And the real scary stuff is that they demand more than the law requires. They're not just doing the minimal KYC/AML stuff (which is already a huge endeavor btw): they're going out of their way to get as much info as they can.

For example for AirBnB (well, granted some "conciergerie" service belonging to AirBnB, in France: but even if it's top-end it's still AirBnB) they wanted me to record a video of me of 20 seconds.

They're not the only ones to do that: I've seen other sites asking these vids.

The more regulated stuff, like brokers, banks, etc. shall ask what's legally required: proof of address (a utility bill), scan of the driving license, etc. but nothing more (at least in my experience).

But the non-regulated players: they invent stuff. They make up shit, apparently on the spot.

At some point they'll ask for a blood and urine sample to "verify my identity".

Which would be okay'ish, I guess, if they weren't so incompetent as to invariably leak those data when a hacker shows them who can code.

I take it the KYC/AML will have to be modified to prevent anything more than what is legally required from being collected.

4 comments

I dimly recall some sci-fi quantum-technobabble book where a character is reminiscing that a collapsed government's most important duties were (A) identity and (B) official timekeeping.

The US Federal Constitution, back in 1787, immediately authorized a government-run postal service. If a similar scenario was echoed today, I think it would/should contain a government-run identity service.

Governments already have a compelling interest to identify people for the purposes of the legal system, property ownership, etc. With all that happening anyway, might as well have an API that allows for attestation and Single-Sign-On.

___

P.S.: Not having it isn't really an option, since it's a void that will still get filled, just differently... Either with a hodgepodge of half-broken systems, or an abusive private monopoly, and no accountability or good appeals process.

Obama briefly pitched the idea of this. A lot of people worried that the government providing services with the ability to verify identities would kill anonymity online and it died.
And yet anonymity/privacy is already dead for the average consumer, and we don't get to benefit from a public, reputable SSO service...
For example, the IRS's free online filing thingy this year involves a third-party private company doing the ID checking and proprietary facial recognition database shit.

Hell, they didn't even white-label it behind a .gov domain and UI, which means they're training taxpayers to fall for phishing scams by disclosing their most sensitive data to any dang company with a spiffy web page and plausible-sounding domain name and a "Trusted By The IRS!" image sticker.

> a government-run identity service.

Sponsored and standardized, maybe, /run/ definitely not.

These entities love creating things like "No Fly Lists"; I can only imagine what their greedy little hands would do with the authority to strip one of the ability to prove their identity.

I wanted to step in and make fun of the Mark of the Beast people and paranoid gun owners who always freak out about things like this but then I considered what half the country would do if they had control over the immutable legal identities of gay and transgendered people, and I realize they might actually have a point.

It's not that a national identity service is a bad idea, it's a good idea and the US should have it, like it should have nationalized healthcare, education, UBI and gun control that's actually effective. It's that the United States government specifically can't be trusted to implement it at any level and in any way that won't lead to undesirables in mass graves. We just can't have nice things here.

> For example for AirBnB (well, granted some "conciergerie" service belonging to AirBnB, in France: but even if it's top-end it's still AirBnB) they wanted me to record a video of me of 20 seconds.

> They're not the only ones to do that: I've seen other sites asking these vids.

So basically they're trying to do a "liveness" check, probably under the assumption that videos are too hard to fake (and hopefully they compare the ID documents against the video). Honestly, that seems legitimate to me. With data leaks and generative AI, it's going to be increasingly hard to do the kind of identity verification tasks online that we take for granted.

I predict there will soon be a huge necessity and demand for in-person notaries to verify identities for online services. Want to open a bank account online and there's no branch nearby? Go to some ID verification business with a ticket number from the sign up workflow, they check your documents, and then they tell the bank if you checked out or not.

Canada Post has a service like this. They already need to do identity verification for some types of packages (certified/registered mail with mandatory Post Office pick up), so it's a natural extension.

Not sure how rigid it is though. Probably just a glance at a driver's license / ID card?

Anyhow, a good extra revenue stream for classic postal services.

> So basically they're trying to do a "liveness" check, probably under the assumption that videos are too hard to fake (and hopefully they compare the ID documents against the video). Honestly, that seems legitimate to me. With data leaks and generative AI, it's going to be increasingly hard to do the kind of identity verification tasks online that we take for granted.

I worked for a company that required these videos in one of the markets they served. Some countries have decent digital ID solutions already in place, but in many it's just a picture of a driving license or such that is so easily faked/stolen. Kind of a shame how in many countries officially identifying yourself online is not implemented/implemented badly enough that no-one uses it, so instead we have this poor uploading pictures of private documents and videos of yourself fallback.

> The more regulated stuff,

They have been regulated for a reason. Without regulation they will also do all kinds of stuff. (They still do a lot of really harmful stuff, but not as much as they could otherwise.)

Even Facebook is telling to upload video. What a dystopia...