Thread with 5 posts
jump to expanded post
an exciting personal report from the world of "e-identification" (sweden)
in sweden, life revolves around the "mobile bankid". this is a service owned by major swedish banks that provides a smartphone app equivalent to a state id card, but which can be used to log into websites
for a long time, there's been a bit of a hole in this system: the banks check your government id when you first create your account, but after that, you can basically just use your existing bankid to create a new bankid (true for my bank at least), so long-term it's not so secure
but now we live in the glorious era of near-field communications. after recently being forced to wipe my phone, i had to set up bankid on it anew, and it seems they now require you to use your phone's nfc sensor to scan your passport or national id card. neat!
@hikari Not all devices can read NFC, so how do they handle that?
For things that actually need to be tied to your government ID (like filing taxes or other government paperwork) the "tap your government ID" thing does actually seem like a good idea (as well as functionally making said IDs impossible to fake, as long as you publish the public keys used to validate them...)
Unfortunately it also opens them up to something similar to the US's rampant misuse of "social security numbers" as a generic identifier (because we have nothing better as a "national ID number" thanks to "mark of the beast" morons...): If there's no legislation against it, and the capability is there, people will be tempted to use it even if they have no reason to. Colleges used to use the SSN as student IDs "because it was there" until we passed laws to stop that.
Not all devices can read NFC, so how do they handle that?
see downthread
Unfortunately it also opens them up to something similar to the US's rampant misuse of "social security numbers"
oh yes, the number of online services in sweden that require your national id number and logging in with an e-id is terrible