• Hotzilla@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    63
    arrow-down
    3
    ·
    edit-2
    1 year ago

    You Americans should get to this century and start performing digital strong authentications like the rest of us. Sending picture of your ID to anyone is insane :)

    How we do it here in Finland is that there are digital identity providers which use bank/mobile carrier to identify you. They then use MFA when identifying you. Any service can use these services to do strong authentication for you. And they don’t cost anything for the customer, and is really cheap for the company who wants to identify you. It is also build into the law that you must identify people using these, to avoid identity theft.

        • HeartyBeast@kbin.social
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          But how did they authenticate your identity when you opened the account? I’d not trying to be an arse - but at some point it will likely have come back to matching some official photo id against your face.

          • Hotzilla@sopuli.xyz
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            They once identify you from your driver’s license, government id card or passport. After that you for example link your smart phone to you, and you use their app when you identify.

            You can also use mobile carriers, they send a push notification directly to you phone+sim. Not sure what protocol they use here, because it opens up an UI which is plain android, and asks pin.

            Everything relays on chain of trust that since one service has identified you, the next can trust too. Plus there is MFA to verify that you actually made the identification request.

            • HeartyBeast@kbin.social
              link
              fedilink
              arrow-up
              2
              ·
              1 year ago

              The initial argument was ‘sending is to anyone is insane’ but that’s what you do with the bank. Yes it’s only once - but that’s the same as the other systems we are taking about here.

          • Damage
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            It’s not like the bank KEEPS your ID