[HN Gopher] Privacy-preserving features in the Mobile Driving Li... ___________________________________________________________________ Privacy-preserving features in the Mobile Driving License Author : headalgorithm Score : 20 points Date : 2020-11-06 21:38 UTC (1 hours ago) (HTM) web link (security.googleblog.com) (TXT) w3m dump (security.googleblog.com) | ryukafalz wrote: | I like this idea in theory, but... I wonder if the mDL apps can | be generic enough that you can implement one and load a | credential from any issuer into it, or if it's going to be a | single (probably proprietary) app per issuer. | | This is something I'd like to be able to use on non-Android and | iOS platforms, but that's unlikely if it's not possible for | anyone but the issuer to write an mDL app. | neom wrote: | " For additional protection, mDL apps will have the option of | both requiring user authentication before releasing data and then | immediately placing the phone in lockdown mode, to ensure that if | the verifier takes the device they cannot easily get information | from it." | | That's an interesting feature. I wonder if it's going to result | in pressure from law enforcement to unlock the device. | kelnos wrote: | > _Crucially, the mDL application can ask the user to approve | which data to release and may require the user to authenticate | with fingerprint or face -- none of which a passive plastic card | could ever do._ | | I kinda feel like most people, when threatened by an authority | figure with a gun, will approve whatever data that person asks | for. | | The place where I do think this is valuable is when showing ID to | get into a bar, or at a store when purchasing alcohol. The only | bit of info the bouncer/cashier needs is whether or not you are | of legal drinking age; they don't need to know your actual | age/birthday or your name or address. | gruez wrote: | >I kinda feel like most people, when threatened by an authority | figure with a gun, will approve whatever data that person asks | for. | | It's not supposed to be a foolproof solution. The point is to | prevent the officer from casually looking through your | photos/texts after you gave him the phone. | ianferrel wrote: | A pretty common way to get a fake id is to borrow a real id | from someone else. Bouncers ask you how old you are or what | your house number is as a check on that. | | That seems like a plausibly useful feature, or are there other | ways to tell that the virtual id matches the real person | holding the phone? | comfyinnernet wrote: | "In some cases, this means you may get advertising in the mail" | | It's nice to know Google is concerned about this dystopian | possibility. | vlovich123 wrote: | Neat. Glad to see this heading to release. I represented Google | at a few of the ISO meetings years back before another team took | over. | ivan_gammel wrote: | This is a very US-centric approach to set a standard for having | your ID on your phone. Why not calling it simply Mobile ID and | having the driver license as one of the data records or features? | That would be more natural design. ___________________________________________________________________ (page generated 2020-11-06 23:00 UTC)