I am reading a new article out asking if 2023 is the year of Digital ID.
It might be – lots of good developments are happening.
AND we also have a disaster of communication about how some systems work.
The article is referencing the way that TSA works where the employee puts the ID into a card reader which verifies the ID and then looks at the picture of the person presenting it to see if it matches. Then goes on to talk about how the digital version would work.
A digital ID would work the same way. The person would present a phone, which would have a barcode or QR code, which can be scanned, and links to a government record. “Essentially, your phone becomes a token which refers to a government authorized database,” said Miller.
– Is 2023 the Year of the Digital ID?
If that is how it is going to work – where I am presenting tokens that “refer to a government authorized database” then count me out. It sounds like to the non-sophsticated reader it pings the database and pulls down a photo of the person sharing the token. It might work this way – if people think reading it it does work this way – we can’t get adoption in the US. The ACLU has a whole report out about the worrisome phone home architecture that is optional with the mDL standard.
I did a search for mDL and TSA and this PDF showed up.
Look there is a direct link between the issuing authority and the TSA in the Relying party role – the little arrow says Key/Cert Exchange but is the public going to read that? Or are they going to think there is a connection to the database.
Another problem with the report and the way they talk about the solutions is that there are only phone hardware and software manufactures that are listed as the rightful arbiter of this system of IDs. What about other wallet manufactures.