[shakna]

KYC rules require the banks collect those, and keep them on an online portal. This information is held by the ABA - hence why they were falsely accused because of the infostealer breach last year.

I have absolutely not said banks should stop collecting ID. Collecting it in person is a fantastic idea. Holding it on an isolated network is difficult, but a good compromise, and banks are better suited to doing that than most.

Uploading it to a S3 bucket in Sydney, as the ABA do, is a moronic decision. That myID upload it to a Azure Blob in Sydney, is worse than I feel the need to explain.

If you think you can succeed, where literally no one else in the world has, good luck to you. But I expect the same result as Forticode.

[Nursie]

I believe that nobody's ID will be at risk of leaking, because it will never be handled in the first place, nor will it be accessed. So that's already better than most of the schemes people are upset about.

> But I expect the same result as Forticode.

What happened there? I can't find a lot of reference to it on the net other than "we make amazing security products" and then "entering liquidation", so clearly a lot went wrong!

It's always possible for people to make mistakes and do things badly, but I don't see "age verification" as some special case in the identity landscape that presents unique challenges. And the system is already in use without major issue (touch wood). Verifiable Credentials will be an addition to the platform at some point.