[HN Gopher] Privacy-preserving features in the Mobile Driving Li...
___________________________________________________________________
Privacy-preserving features in the Mobile Driving License
Author : headalgorithm
Score : 20 points
Date : 2020-11-06 21:38 UTC (1 hours ago)
(HTM) web link (security.googleblog.com)
(TXT) w3m dump (security.googleblog.com)
| ryukafalz wrote:
| I like this idea in theory, but... I wonder if the mDL apps can
| be generic enough that you can implement one and load a
| credential from any issuer into it, or if it's going to be a
| single (probably proprietary) app per issuer.
|
| This is something I'd like to be able to use on non-Android and
| iOS platforms, but that's unlikely if it's not possible for
| anyone but the issuer to write an mDL app.
| neom wrote:
| " For additional protection, mDL apps will have the option of
| both requiring user authentication before releasing data and then
| immediately placing the phone in lockdown mode, to ensure that if
| the verifier takes the device they cannot easily get information
| from it."
|
| That's an interesting feature. I wonder if it's going to result
| in pressure from law enforcement to unlock the device.
| kelnos wrote:
| > _Crucially, the mDL application can ask the user to approve
| which data to release and may require the user to authenticate
| with fingerprint or face -- none of which a passive plastic card
| could ever do._
|
| I kinda feel like most people, when threatened by an authority
| figure with a gun, will approve whatever data that person asks
| for.
|
| The place where I do think this is valuable is when showing ID to
| get into a bar, or at a store when purchasing alcohol. The only
| bit of info the bouncer/cashier needs is whether or not you are
| of legal drinking age; they don't need to know your actual
| age/birthday or your name or address.
| gruez wrote:
| >I kinda feel like most people, when threatened by an authority
| figure with a gun, will approve whatever data that person asks
| for.
|
| It's not supposed to be a foolproof solution. The point is to
| prevent the officer from casually looking through your
| photos/texts after you gave him the phone.
| ianferrel wrote:
| A pretty common way to get a fake id is to borrow a real id
| from someone else. Bouncers ask you how old you are or what
| your house number is as a check on that.
|
| That seems like a plausibly useful feature, or are there other
| ways to tell that the virtual id matches the real person
| holding the phone?
| comfyinnernet wrote:
| "In some cases, this means you may get advertising in the mail"
|
| It's nice to know Google is concerned about this dystopian
| possibility.
| vlovich123 wrote:
| Neat. Glad to see this heading to release. I represented Google
| at a few of the ISO meetings years back before another team took
| over.
| ivan_gammel wrote:
| This is a very US-centric approach to set a standard for having
| your ID on your phone. Why not calling it simply Mobile ID and
| having the driver license as one of the data records or features?
| That would be more natural design.
___________________________________________________________________
(page generated 2020-11-06 23:00 UTC)