this post was submitted on 20 Jan 2025
867 points (98.2% liked)

Technology

60694 readers
4304 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
867
Stop Treating Phone Numbers As A Digital ID (notthesolution.substack.com)
submitted 2 days ago by formerlytomato@lemmy.sdf.org to c/technology@lemmy.world
164 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] Katana314@lemmy.world 9 points 21 hours ago (2 children)

On this question of verification, I don’t have a particularly foolproof solution, but maybe there just isn’t one.

I can criticize the modern web for a lot of things, but as long as we have situations where we want to check whether an account is a real person, as opposed to FarmingBot #295038, they need something. I'm not a fan of phone verification, but I'd only criticize it when we have alternatives.

I'd even be in favor of some kind of one-way algorithm by which a trusted real-person-identifying entity could tell a random third party site: Yes, this is a genuine human.

[–] 0xD@infosec.pub 6 points 13 hours ago (1 children)

https://www.oesterreich.gv.at/en/id-austria.html

That exists and is better than a phone number.

[–] sexual_tomato@lemmy.dbzer0.com -1 points 11 hours ago (1 children)

Cool, now provide solutions that exist today for every other country

[–] 0xD@infosec.pub 3 points 10 hours ago

That is not my responsibility ;) I just shared that something like that exists.

[–] Ahrotahntee@lemmy.ca 8 points 18 hours ago* (last edited 16 hours ago) (1 children)

The technology has existed since the 80s.

X509 certificates would allow a government agency to sign a digital identity indicating that it's legitimate, would allow for remote revocation in the event of loss or theft, and can be easily integrated with every existing computer and browser.

An issued physical card would resemble a credit card, with a chip in it. Other physical form factors can take the shape of USB-devices which bundle the card and the reader into a single device.

[–] 0xD@infosec.pub 3 points 13 hours ago (1 children)
[–] Ahrotahntee@lemmy.ca 2 points 6 hours ago* (last edited 6 hours ago)

Also https://www.cac.mil/Common-Access-Card/, if the Americans are skeptical.

I don't like the Austrian one being phone-integrated, but I understand why people would want that.