I’m still waiting for the day where 100% of state drivers licenses are supported in wallet and anyone requesting ID are required to accept them. Quite literally the only reason I have a wallet these days is for the drivers license.
I leave my wallet in my car, because the only reason I need it is for my driver license.
My bank, however, has one of those authenticator doohickies that I need to use when I make big transactions online. Pop my debit card in, enter the pin, and then do a little dance with codes back and forth on their internet banking to authenticate the transaction.
So I am in this annoying situation where my wallet is never where I needed it: either I'm making a payment and I need to go to my car to get my card, or I need my license and my wallet is on my desk where I forgot it last time.
Google Pay and digital wallets have literally freed up one of my jean pockets permanently.
Honestly, hooray for dragging the U.S. into everyday people having a federal ID in their pocket. Having to check fifty different ID layouts times three revisions is a nightmare and no one uses passports domestically today outside of airports.
I feel uncomfortable with these changes. Between this, digital currencies, airlines not doing printed boarding passes, metros requiring smartphones, … it feels like we are going to lose control and privacy as consumers.
> They will also be asked to use their iPhone to read the chip embedded on the back of their passport to ensure the data’s authenticity.
I installed an RFID app from the Apple app store (3rd party, not from Apple) and it couldn't read the chip in my passport. Perhaps Apple's firmware was filtering those out at the time?
There was a post from trailofbits blog recently about how passport crypto works. Kind of related here.
I wonder if this is some zero knowledge proofs here or what? Reading the passport and its chip implies some terminal authentication capabilities coming from Apple devices. Passport would not allow reading sensitive data from the chip unless the terminal is valid.
Another question is if Apple is allowed to read your biometric data?
> There was a post from trailofbits blog recently about how passport crypto works. Kind of related here.
>
> I wonder if this is some zero knowledge proofs here or what? Reading the passport and its chip implies some terminal authentication capabilities coming from Apple devices. Passport would not allow reading sensitive data from the chip unless the terminal is valid.
>
> Another question is if Apple is allowed to read your biometric data?
Passport chips aren't that complex, especially not American ones. You just need to transmit part of the MRZ to unlock them (Other ICAO compliant passports have slightly different requirements, still all easily doable for any smart phone with NFC transmit)
The Apple ID isn't a ZKP - IIRC they're doing a CBOR representation of the claims which is signed with their own cert.
Digital ID is a misnomer, it should be called "Digital Social Application". These are NOT ID"s. They're government dreamcasted app's for managing the lives of civilians.
It’s inevitable that identification and payments continue to digitize. I’d prefer that physical ID / cash remain legally protected but that I can also go for a run with only my watch and buy a beer afterward
I'm really wary of these initiatives, because perfect law enforcement is how society ossifies. Imagine if we could prosecute all homosexual tendencies when they happened, or all interracial relationships, or any other antiquated law. Society would never progress.
What happens if the government can now perfectly enforce that people under 18 can't do X or Y?
While that problem certainly exists we also have countless crooks and con men getting away with it. The criminals are also using technology, all of it.
On one side you have people with multiple video feeds, trackers, wife-jammers, password/data leaks, backdoors, work/private schedules, purchase history, etc, etc for you, your family, friends, coworkers etc etc
On the other side you have law enforcement not knowing which person walked- or which car drove where, not for any location, not knowing which phones were at the crime scene. No access to any relevant camera (if they even exist) no access to chat logs, email, photos people made.
I'm not-at-all arguing they should have access to any of that but we shouldn't be ignorant of the balance between the two.
It seems to me a major pain in the ass if you cant bring your phone when stealing a car, doing a robbery, driving off without paying for gas or harassing people for not living up to your antiquated expectations.
I am against digital IDs. There’s a reason why security-minded people carry around physical hardware keys. The fact that Apple remains a black box company means I can’t trust them now and definitely not later when their changing financial circumstances COULD jeopardize management decisions and commitment to privacy.
No thanks. It's 2025, identity needs to be resilient, so having a national public blockchain that every public administration entity, every private who wants to participate, compensated for the IT resources they provide, whether a citizen or a business maintains well, that makes sense. The fingerprint of a key is shared, this key is on a smart-card, therefore offline, on well-known (bank cards, SIM cards) proven and reliable platforms, and signs what is needed with zk proofs where required.
Identity on mobile, proprietary platforms, whose level of complexity makes it humanly impossible to understand them even for governments themselves, notoriously closely monitored and yet with a long history of bugs and problems, is UNACCEPTABLE.
It's time to understand that IT is the nervous system of society and that public information must be public, for everyone, not for a specific actor and with no specific actor being "more equal" than others.
While Apple has some admirable history in standing up to government information requests[1], am I alone in wondering now if Apple has started to voluntarily align itself with the current administration? For example, Apple is helping to build Donald Trump's new gold-plated ballroom.[2] (!)
Apple has introduced ankle tag. It's just legislation away for everyone to be tracked in realtime and perhaps even listened to, initially for "keywords" to protect <insert group of people>.
I am glad that the first eID vote we had on this (in Switzerland) prevented private industry from issuing IDs etc.
What we have now (upcoming, after another vote) is an open source[1] non centralized eID issued by the government.[2]
Although there are still some problematic points (initial issuance software is not open source and who can ask for the ID is not limited enough) the solution we have now is the best way to do such a thing at this time.
I’m still going to keep using the digital id lane whenever I can. The gov and tsa already has my biometrics because of my passport + global entry + precheck status. Might as well use the much faster security lane.
But this offering from Apple seems like it could be a nice choice for folks with passports but no desire to get pre or global entry. (Which seriously if you have a credit card that covers it, definitely do it)
35 comments
[ 1.8 ms ] story [ 62.8 ms ] threadMy bank, however, has one of those authenticator doohickies that I need to use when I make big transactions online. Pop my debit card in, enter the pin, and then do a little dance with codes back and forth on their internet banking to authenticate the transaction.
So I am in this annoying situation where my wallet is never where I needed it: either I'm making a payment and I need to go to my car to get my card, or I need my license and my wallet is on my desk where I forgot it last time.
Google Pay and digital wallets have literally freed up one of my jean pockets permanently.
https://support.google.com/wallet/answer/12436402?hl=en
I wonder if passports will come to Google soon as well - that'd open it up nationwide as long as you have a passport.
I installed an RFID app from the Apple app store (3rd party, not from Apple) and it couldn't read the chip in my passport. Perhaps Apple's firmware was filtering those out at the time?
I wonder if this is some zero knowledge proofs here or what? Reading the passport and its chip implies some terminal authentication capabilities coming from Apple devices. Passport would not allow reading sensitive data from the chip unless the terminal is valid.
Another question is if Apple is allowed to read your biometric data?
Passport chips aren't that complex, especially not American ones. You just need to transmit part of the MRZ to unlock them (Other ICAO compliant passports have slightly different requirements, still all easily doable for any smart phone with NFC transmit)
The Apple ID isn't a ZKP - IIRC they're doing a CBOR representation of the claims which is signed with their own cert.
It's pretty slick.
No ID, nor Board Pass needed.
Just walk up to TSA, and only facial recognition is needed. It's extremely fast too.
https://www.tsa.gov/touchless-id
What happens if the government can now perfectly enforce that people under 18 can't do X or Y?
People proposing these ID's frequently suggest positive uses and there are some.
What they fail to do is consider the negative use cases and there are some (or the history of governments using tools to suppress).
In that respect the two sides struggle to see each others point of view because one doesn't see the problems and the other only sees the problems.
On one side you have people with multiple video feeds, trackers, wife-jammers, password/data leaks, backdoors, work/private schedules, purchase history, etc, etc for you, your family, friends, coworkers etc etc
On the other side you have law enforcement not knowing which person walked- or which car drove where, not for any location, not knowing which phones were at the crime scene. No access to any relevant camera (if they even exist) no access to chat logs, email, photos people made.
I'm not-at-all arguing they should have access to any of that but we shouldn't be ignorant of the balance between the two.
It seems to me a major pain in the ass if you cant bring your phone when stealing a car, doing a robbery, driving off without paying for gas or harassing people for not living up to your antiquated expectations.
Hmm..
Identity on mobile, proprietary platforms, whose level of complexity makes it humanly impossible to understand them even for governments themselves, notoriously closely monitored and yet with a long history of bugs and problems, is UNACCEPTABLE.
It's time to understand that IT is the nervous system of society and that public information must be public, for everyone, not for a specific actor and with no specific actor being "more equal" than others.
[1] https://en.wikipedia.org/wiki/Apple%E2%80%93FBI_encryption_d...
[2] https://www.reuters.com/business/media-telecom/trumps-ballro...
I am glad that the first eID vote we had on this (in Switzerland) prevented private industry from issuing IDs etc.
What we have now (upcoming, after another vote) is an open source[1] non centralized eID issued by the government.[2]
Although there are still some problematic points (initial issuance software is not open source and who can ask for the ID is not limited enough) the solution we have now is the best way to do such a thing at this time.
[1] https://github.com/swiyu-admin-ch
[2] https://www.eid.admin.ch/de/swiyu-coming-soon-d
But this offering from Apple seems like it could be a nice choice for folks with passports but no desire to get pre or global entry. (Which seriously if you have a credit card that covers it, definitely do it)
https://idtechwire.com/spains-pm-proposes-mandatory-digital-...