Google Is Bringing Electronic IDs To Android (venturebeat.com) 84
Krystalo writes: The last day of Google's developer conference tends not to have any news, but this year was a little overloaded. Google announced today that it's working on bringing Electronic IDs to Android. Separately, the company also confirmed that all new Android Q devices will be required to encrypt user data. Replacing ID cards, such as driver's licenses and club memberships, has been the last major piece of the digital wallet puzzle. We're not talking about securely logging into web pages -- this is for identifying yourself in "physical world transactions." Wallet apps can replace plane tickets, loyalty cards, and credit cards, but they still can't pass for valid ID. Google is looking to add Electronic ID support so developers can build mobile apps that can be securely used as an ID.
What could possibly go wrong? (Score:4, Insightful)
OK -- we're screwed.
Re: (Score:2)
There's always Apple...
Re:What could possibly go wrong? (Score:5, Informative)
I really still don't mind carrying my physical wallet with my physical ID cards.
And if nothing else, if I"m pulled over by a cop, the last thing I want to do is open my phone for them to see "ID".....and be open to look at pretty much anything else they might want to phish for during a traffic stop.
That and I don't wish to share ID or credit cards, etc with any company out there really.
This looks like a solution in search of a problem.
Wallets are annoying (Score:3)
I really still don't mind carrying my physical wallet with my physical ID cards.
I do. I HATE having to carry a physical wallet, especially since it's really not adding any value in the modern world. I'm perfectly aware of the risks of a digital ID and I can live with carrying a physical wallet like I have for the last 40 years but I don't like it and a LOT of what I need to carry one for should be unnecessary. Here's an incomplete list of things which might be in my wallet that I should be able to carry on my phone without severe security issues:
1) Health insurance card
2) Credit/Deb
Re: (Score:2)
You can keep your wallet if you want to (Score:2)
Right now, I can go to the store and pay cash and not share any identity info with them.
Right now I can go into the store, pay with Apple Pay and not share any identity info with the store. Furthermore if my phone gets stolen it's insured, traceable, and unless someone shares my face/fingerprint they aren't going to be able to access the credit cards or other payment systems on it. There is a downside to any payment method. Cash is awesome sometimes but it has problems too. It's easily stolen, hard to trace, hard to recover, etc. You're merely trading one set of risks for another.
If my wallet were replaced with a combo phone/payment device/ID, I'd no longer have that option.
??? Nob
Re: (Score:2)
What happens if your phone runs out of power, and/or breaks?
I've yet to see a wallet run out of power.
Reality check on wallets (Score:2)
What happens if your phone runs out of power, and/or breaks?
First off, let's get real. How often does that really happen to you? Seriously. I've been carrying a smartphone for the better part of a decade and I think I've run the battery dead twice in that time. I've also never had one break on me to the point where it couldn't be used. Sure it happens but it's not common and there are backup options which leads us to...
Second, I still have all the plastic cards I keep in my wallet in the event of an extended power outage or if I'm traveling somewhere my phone w
Re: (Score:2)
Ideally there would be some separate secure enclave to hold this kind of information so ID, insurance info, etc could be shown without handing over everything on your phone.
Until Apple get on board... (Score:1)
Re: (Score:2)
Blockbuster's downfall wasn't due to Redbox, but to Netflix. Blockbuster got internal recommendations to set up both a mail-order service and a streaming service but they were too afraid they would cannibalize store-based income. Ultimately, they lost everything.
Bank tellers are already almost gone because of ATMs, and Zelle, Venmo, and others are eating into that. When I walk into my bank, I'm greeted by 2-3 employees. Nice touch on customer service, but they can feel desperate sometimes.
There are already
Re: (Score:2)
The question of whether itâ(TM)s advisable to collect all of those IDs in one handy, stealable place is another one entirely, of course.
For anyone who currently uses a wallet-style phone case... that ship has sailed.
I’m one of those people... but I have thought about the question on many occasions, and am still not convinced I’m doing the wise thing in using such a case. Also, I made a decision not to carry our main credit card, which 1) I don’t use very often anyway and 2) has an absurdly high credit limit.
However I think the physical cards are the bigger security concern. I wish the transition to NFC payments would happe
Worrisome (Score:5, Insightful)
The idea on it's own isn't...horrible. There are ways to do it right, but there are far more ways to do it wrong. For instance, if we're talking about government IDs, then I'd want a couple different lock levels on my phone. The first allows access to pre-selected IDs ( gym memberships, driver licenses, ect.. ), and a second which grants me full access to my phone.
The two should not even use the same access method ( so pin OR finger print, password OR pin, ect... ).
Re: (Score:2)
It's further laughable to pretend the government doesn't already have the access I fear exposing for them, I'll grant you.
However, it's worth noting that I am specifically wanting to impose limits on which parts of the government gain access. I can't do anything about the NSA, for instance. If I'm of interest to them, they'll snoop my data regardless of what I do. The local PD, however, I can do something about.
Re: (Score:2)
For instance, if we're talking about government IDs, then I'd want a couple different lock levels on my phone. The first allows access to pre-selected IDs ( gym memberships, driver licenses, ect.. ), and a second which grants me full access to my phone.
Apple’s wallet currently lets you make your digital cards available without unlocking your phone (or to not allow it). I’d like to see it made more granular, allowing you to choose which individual cards are available from your locked phone, and which are not.
Re: (Score:2)
I still want to prevent unauthorized access to my cards, so I still want a lock in front of things. I don't want 'just anyone' to access my driver's license, for instance. By the same token, I don't want the police to have full access to my phone should I get pulled over and they require my DL.
Re: (Score:2)
My ideal would be a phone that has virtual machines with encryption and authenticated with different means. For example, if I'm overseas, geo-location wouldn't allow the CONUS to work, so if the phone is seized in China, the VM used for overseas stuff is accessible, but the ones that are region locked would be well protected, perhaps inaccessible until one is on a home or work IP space.
The ironic thing is that this is solved in older versions of Android. There used to be an app that ran as root which allo
Granular unlocking (Score:2)
Apple’s wallet currently lets you make your digital cards available without unlocking your phone (or to not allow it).
Sort of. But not really for a lot of things. And there are certain types of ID cards which make handing your phone to a third party potentially problematic. Classic example is your driver's license to a cop. I would be an idiot to trust a cop with my entire phone even though I'm completely innocent of any crimes. Way too many opportunities for that to go sideways on me.
Also there is the problem that a lot of ID cards that could be safely put on my phone (like health insurance) simply aren't available b
Re: (Score:2)
For instance, if we're talking about government IDs, then I'd want a couple different lock levels on my phone. The first allows access to pre-selected IDs ( gym memberships, driver licenses, ect.. ), and a second which grants me full access to my phone.
Apple’s wallet currently lets you make your digital cards available without unlocking your phone (or to not allow it). I’d like to see it made more granular, allowing you to choose which individual cards are available from your locked phone, and which are not.
The in-progress ISO 18013-5 mobile driving license specification (I'm a member of the ISO committee and lead the Google team that is building the electronic ID features) goes a step further and requires that users be able to choose not only which documents are available, but even which data fields, and even to make the choice per presentation. There's also a lot of effort going into data minimization, meaning that when you present your ID you should be able to provide exactly the information that is require
Re: (Score:2)
That sounds very good, if it makes it to implementation like that. I do worry about meddling from various levels of government (and from both sides of the aisle), turning good ideas into broken and/or insecure implementation of those ideas.
Re: (Score:2)
That sounds very good, if it makes it to implementation like that. I do worry about meddling from various levels of government (and from both sides of the aisle), turning good ideas into broken and/or insecure implementation of those ideas.
I worry about the same thing, which is why I'm working to make sure that doesn't happen, in a couple of ways. One is to make sure that there are production-quality, open source sample apps that do things the right way. I want it to be as easy as possible for governments to do the right thing and therefore harder to do the wrong thing. Another is to have the Android system create a log of all ID presentations -- requests received and data returned -- which is reviewable by the user so that misbehavior can
Re: (Score:2)
Towards this end, iPhones already allow you to set up emergency information that can be accessed from the lock screen. It's an entirely optional feature that, if enabled, gives first responders the ability to know who you are, what allergies or existing conditions you have, who your emergency contacts are, etc., but it's theoretically ripe for abuse as well. I could see a digital ID being handled similarly: make it available to those who want it, but don't compel its usage.
Re: (Score:2)
You also need plausible deniability to protect against "wrench hacking": https://xkcd.com/538/ [xkcd.com]
I'd like a hidden login for all sensitive apps. For example, my regular password unlocks the phone with everything but sensitive apps but a completely different password opens super-secret-app mode where all the sensitive stuff is. If someone tries "wrench hacking", I can just open the phone with the regular password and claim I don't use it for banking.
It is only a matter of time until criminals realize they can j
Yeah that's a great idea. (Score:1, Troll)
Allowing a left wing authoritarian corporation control over your government issues ID. That can never possibility go wrong. It's not like we already have dozens of examples of some of these same corporations using there market power to bar unpopular individuals from using some of these banking and communications serv-
-THIS CITIZEN BANNED FOR MULTIPLE VIOLATIONS OF THE T.O.S.-
Re:Yeah that's a great idea. (Score:4, Insightful)
Of course such a system is a top priority for Big-Tech. After all, Silicon Valley built the underlying technology for for Chinese new social credit system for the first place.
The only thing I'd really disagree with you on this is that the Republicans are no better than the democrats on this issue. They both love mass surveillance. It makes them a ton of money and it allowed them to exert their authoritarian whims to a third party that's not so clearly bound by the US Constitution. The only real difference is that the dems have decided to stop pretending.
Re: (Score:2)
Guess you misses my previous pose in this thread where I specially said that the GOP loves the kind of mass surveillance and control systems and the the only real differences that the dems are the side that stopped pretending that they don't love this kind of authorial crap.
And you're absolutely full of shit when you say that Google isn't left wing biased, that all came out during the James Damore situation. Te very fact that you would even claim that shows how biased you are.
Re: (Score:2)
Re: (Score:1)
Re: (Score:2)
Re: (Score:2)
common use
since the late
And no, "irregardless" is not a word. It's a misspelling. Like your other misspellings.
Re: (Score:2)
Re: (Score:2)
Of course Google wants more power. They want to control your identity in the way prophesied in cyberpunk. It's nothing to do with "left-wing", it's "eliminating the government as a second source of identification, so Google is the sole authority of who you are." And if you think they won't use that power to shut down people who accuse their executives of sexual harassment (to choose a "left-wing" issue) in a second, you're not thinking clearly.
Re: (Score:2)
Of course Google wants more power. They want to control your identity in the way prophesied in cyberpunk.
Please see https://tech.slashdot.org/comm... [slashdot.org]
It's nothing to do with "left-wing", it's "eliminating the government as a second source of identification, so Google is the sole authority of who you are."
The Android EID design gives Google zero ability to control ID. The design allows existing identity credential issuers (e.g. governments) to provision identity documents to Android devices, and then allows the devices to present those credentials (under user control) to verification devices. Google has no involvement in any part of either provisioning or presentation, and no access to any of the provisioned data, which will be secured on-device by security modu
Re: (Score:2)
Interesting that you lead the EID team. I'll look at you sources, but may not have time for a little while. The (at least claimed) input by the EFF and ACLU does make me feel better, but I do have concerns.
Re: (Score:2)
Interesting that you lead the EID team. I'll look at you sources, but may not have time for a little while. The (at least claimed) input by the EFF and ACLU does make me feel better, but I do have concerns.
FWIW, my primary contact at the ACLU is Jon Callas. If you don't know who that is, check out his Wikipedia page.
Re: (Score:2)
Just to clarify, I'm not doubting that you have ACLU and EFF advisers, or that they are good, or even that you take them seriouslys. My concern there is that companies sometimes get advisers (sometimes for PR reasons) and then vote down their concerns 3-2 (or 4-3 if you're on their side) in the room.
As I said, I don't have time to look at it now, but I did want to let you know that I wasn't questioning you specifically or your integrity.
Re: (Score:2)
Re: (Score:2)
I looked at his wikipedia page. Consider the bragging successful. I'm jealous.
Re: (Score:3)
Allowing a left wing authoritarian corporation control over your government issues ID.
Google will have no such control. The Android ID infrastructure will be open source, freely-inspectable and clearly architected to restrict access to the data to the ID app that provisioned it. Google will have no access to the content and no control over how the infrastructure is used. The ID management protocols will be open and standardized (and well-designed from the perspective of both security and privacy) and will not involve sending any data through Google servers.
If you doubt this, I highly re
Yeah I trust Android with that (Score:1)
In a year we'll be reading about some Chinese company stealing 100 million IDs from Android phones via sketchy Playstore Apps. Android is trash.
To each his own (Score:1)
I was moving in the other direction, keeping electronic private keys on a physical card where Google has no way to ever get hold of them.
Then the battery goes flat (Score:2)
Just what everyone wants: _depending_ on an ID store that isn't always usable.
Physical cards are not ideal either (Score:2)
Just what everyone wants: _depending_ on an ID store that isn't always usable.
It's trivial to have a physical card too. We're already doing that. The point is to have a digital option so that we don't HAVE to carry a stupid physical card all the damn time. Besides it's not like physical cards don't have their downside too. They are easily lost/stolen, insecure, bulky, etc.
We really need this... (Score:2)
Re: (Score:2)
Good news. Under the ACA (aka Obamacare), it's illegal for the health insurer to do that. Even if, instead of datamining a soda purchase, you mail them a certified letter every day with saying "Eating a steak, 3 lbs of butter and drinking a bottle of whiskey!".
And, they wouldn't need that data. Your health insurer knows your BMI and other stats. Fortunately, it's even illegal for them to use the results of yo
Re: (Score:2)
Well, it should be pretty easy. They are required to a) publish and register prices with the government and b) honor those prices to anyone who goes to the website and signs up with them. They explicitly can only ask age/sex/smoker/zip, and have to give the same registered with the government price to everyone.
That's a big part of the ACA - literal pricetags on insurance. Unlike car insurance where it's all behind a curtain, this uses public pricing.