Once upon a time the usual thing to get OK'd to rent a van (e.g. for students who are moving house) is you rock up to the rental place with the legal documents showing you're entitled to drive. You're relying on the fact that the person renting you a van doesn't much care and isn't keeping the exact details from those documents.
But although you can do this today, obviously the documents get scanned into a permanent data repository, so, that's not great. But, the UK government added a site so you can prove you're you, and get codes, which for a limited period show someone that yup, this person is legal to drive and so on.
They do this for right to work too. Although, annoyingly only for foreigners. If you're a citizen, you can't prove right to work this way, you need to be like "Look, I'm a citizen, here's proof" to your employer. But if you are foreign you can just go "Check this URL, your government says I'm entitled to work here" and they needn't know whether that's because your husband is a "Cultural Attaché" to the Russian Embassy, or you've got special refugee status, or you're actually an Italian and you just speak and look Russian for some reason, just that you're entitled to work here.
However a partial or faulty implementation of the concept can be very dangerous. South Korean websites used to receive a Resident Registration Number (RRN, 주민등록번호) for all imaginable reasons, including just catching double registration. RRN was and remains crucial for identity verification and it is estimated that virtually every SK national has been subject to multiple accidents that exposed their RRNs before such practice is forbidden. After that the Accredited Certificate of Authentication (공인인증서, nowadays the Recognized Common Certificate 공동인증서) is in place, which was another travesty that is based on X.509 but with non-standard practices based on ActiveX. Nowadays age and identity verification is commonly done with mobile phones, and there are multiple such services mostly run by CICs and telcos. This did dramatically reduce the use of RRNs and is much more convenient for typical people, but if you do not own SK mobile phones (e.g. you are foreigners) you can't use them and there are frequently no fallbacks. Also I generally don't trust the security of those services.
Right now, the Verified.Me service sends through your actual non-anonymized identity (Social Security Number, I think) to the service being signed into, meaning it’s only really good for services you’d want to hand information like that to anyway (i.e. government service websites.)
But it’d be only a little tweak to enable a provider like this to send the service being logged into a persisted random-per-service token, or a per-service-salted hash of that info, instead. If this was done, a flow like this would then be perfect for KYC/AML: it would precisely restrict each legal person to only having one account per service, while also not revealing who that legal person is to that service. And the only person in this flow who’d ever see your ID, is the bank clerk you interacted with to open your bank account, years/decades earlier.
After witnessing enough leaks and hacks of government databases, this is one application where I'd favor a cryptographically secure, decentralized solution based on open-source code that's been competently audited to show the system keeps my sensitive info provably private.
Ideally something that's been in the wild under sustained and motivated efforts to hack it for long enough to convince me there's some substance to the claims.
Sounds a bit like e-verify. Don’t forget to lard it up with some denials for folks on domestic terrorist watchlists, wife beaters, bench warrants for parking tix, etc. etc.
Could you link us the site?
If your service demands my ID, I'll close my account.
If you have KYC requirements, I'll meet you in person or find a different vendor.
Never worried about twitter ever again. Probably the healthier choice in the long run.
that's literally not an option when it comes to crypto exchanges.
https://www.wired.com/story/roblox-online-games-irl-fascism-...
NBA Top Shot comes to mind. They allow you to buy with no problem. But, to sell on their platform you have to go through what is essentially a KYC check.
Your investment is sunk otherwise.
Edit: Thank you everyone for your feedback, it’s very helpful!
If at all possible, I would want a hard guarantee that my photo ID and all derived information (e.g. my real name (as in the case of Roblox, they don't care about your identity, just your age)) would be completely deleted as soon as possible, as well as a description of exactly when that would be (e.g. "we have to contact your federal government to verify the authenticity of this ID, and then ensure that they know that we've verified your user account, and then we'll delete everything immediately - this typically take 4-8 business days, and we'll email you when the process is completed").
Regardless of the above, I would require that no personal information linked to my ID would be used for any purpose (analytics, marketing, ads, or sale/transfer to a third party) except identity verification.
The only time I'd even consider sharing photos of my ID documents over the internet is if I'm sharing them with an organisation I have a multi-year high-trust relationship with (like my e-mail provider of 20 years). And even then, I'd prefer not to if I can avoid it.
I never had to do this when booking a flight. The max I had to do was provide my personal info (name, birthday, passport number). If they asked for a passport scan and a selfie I would have noped out.
I don't know about presently but historically, you didn't need a passport to buy an international ticket. You needed a passport to get on the plane at the airport. So if you buy a ticket in a fake name, it's your problem if you can't fly and tickets aren't refundable for this.
Which is to say that no app space comes to mind when I think of something that needs id scanning - or the only apps like this are extensions of state control to the virtual space (virtual parole hearings or whatever).
Basically, anything that isn't the state should use it's own fricking account system to relate to people online. And the state itself is kind of iffy.
Giving up that much PII for a game is insane. I'd uninstall it without even thinking. Any industry that's not regulated to require photo ID when they're asking for it doesn't need to ask for it.
I think the discomfort is a good thing here.
The main issue that I have is that it's down to a matter of trust. I'm mainly using the article on Roblox as an example for my thoughts here, but I'm sure it could be easily translated to other services/companies doing digital ID verification.
I don't like digital identity verification at all however I am open to other options. I have no trust in these identity verification companies using my ID for the sole purpose they say it will be used for. I have no idea if they're holding onto the ID and using it for training their algorithms, or if they sell it to a data collection agency, or if they etc. etc. etc. - why do I need to read a 10+ page privacy policy document to figure that out?
For a company like Roblox - I don't see why they couldn't roll out their own system for digital verification. Yes, you'd have an absolutely massive influx of users at this point since they seem to _just now_ be adding age verification, but after a month or two - barring special events/promos in game - I'm sure an ID Verification department could be handed out to a few people.
That being said - I'm not considering any issues in other aspects like Legal issues, Privacy issues, data retention issues, number of users, numerous ID types etc. etc. etc. and I'm sure those are HUGE factors as to why people aren't "rolling their own" solution.
The idea was you could show your ID to someone qualified to check (like a shop selling alcohol), they'd give some sort of pass, and that could be used to access the website. I wouldn't mind that, so long at the shop person only looks at the ID.
(And I've never been asked to scan a passport when booking a flight.)
If we absolutely need to have software that has this level of identity, then we need to build infrastructure to support it. That infrastructure already exists to some degree as notaries and could be expanded and modernized to allow privacy preserving identity verification.
I'm curious as to why this might be necessary.
Whenever I've traveled internationally, while I've had to provide the airline with a bunch of info when booking my flight, I've never had to provide a scanned version of my passport.
Rather, when I arrive at my destination (at both ends) I need to show the nice customs folks my passport.
Which airlines require providing them with a scan of a passport to book a flight? I ask so that I can make sure never to use those airlines. Thanks!
Why? Proof of ID would be required at boarding time, and by Security who simply verify the supplied info matches the actual ID, but does not actually scan and store the document (nor should they)
I am unclear what in a booking process would require a person to scan in your passport to book the travel?
How would this work if I am a corporate booker needing to book flights for others, do I need to maintain a copy of their ID's?
Your example is pretty flawed, as is most examples you will come up with because in reality there is no reason to have to upload your ID. It is draconian and should be resisted by everyone for any purpose
I also see no problem with this. What could they realistically use this information for that would be nefarious? It doesn't actually store the ID in any real sense, as they explain in the link, and I see no reason for them to lie about that.
It's real easy to scream, "But My Privacy!!!", and probably a decent amount more difficult to come up with an actual and practical risk there.
Honestly, if your threat model includes "video game companies that lie about age verification systems", I don't think you're taking your security very seriously.
My friends and I were using the internet when we were under 13 years old (although not by much), and just clicked the button to confirm that we are older than 13 (mostly on various forums), and later on the same thing with 18 years old verification screens, and we turned out alright (at least from my perspective.)
Tencent already does this in China. Tencent owns 49% of Roblox. So the technology is available.
I'm guessing that's because things like COPPA don't apply to 13+ and identity verification lets them start building accurate PII profiles for children the day they turn 13. What a nasty business.
Now I'm even more wary of sending my ID to a company that's owned by another company that's owned by a repressive government and can influence how anyone in the chain can do business.
It's also worth pointing out that unlike Patreon's requirement for adult material creators, Roblox's verification is optional, which most of the discussion here on HN seems to be eliding.
https://www.theverge.com/2021/9/21/22684672/roblox-age-verif...
> For now, only one feature requires age verification: Roblox's new voice chat feature. During its initial beta, it will only be available to players who verify they are at least 13 years old. But the implication seems to be that other features -- perhaps specific Roblox games or community tools -- could be age-gated as the company works to protect its relatively young user base.
https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-...
EDIT: @gruez: An attestion is likely no longer sufficient for Roblox's compliance requirements, and identity proofing is now cheap to perform (~$1-2/per proofing request). Cheaper to get ahead of the curve.
https://www.theverge.com/2021/9/21/22684672/roblox-age-verif...
> For now, only one feature requires age verification: Roblox’s new voice chat feature, Spacial Voice. During its initial beta test, it will only be available to players who verify they are at least 13 years old. (Roblox didn’t say whether it would later be available to users regardless of verification status.)
> But the implication seems to be that other features — perhaps specific Roblox games or community tools — could be age-gated as the company works to protect its relatively young user base. More than half of Roblox’s users are still under 13 (Roblox says “nearly 50 percent” were over 13 as of the second quarter of the year).
A business decision was made.
I didn't read the whole thing. I plan to one day though because I want to see what the rules are, but, to me, that summary sounds like the only reason you need to do it is if you want to collect personal information for children that are 13-17 year old.
Here's a wild idea... How about not collecting the personal information of children?
Is it really that hard on the privacy front to hire someone to keep watch and manually verify that someone is who they say they are? I assume the amount of people verifying will be massive at first, but after 2-3 months I could see the amount of people signing up (AND verifying their ID) would be in the thousands per week - easily handled by humans instead of "a third-party service"
Outsourced to Ping? Ok. Outsourced to some identity SaaS I never heard of that just closed their series B? Pass.
But then obviously I'd expect Microsoft to own their own identity story, and if they ever didn't I would immediately suspect I wasn't actually even dealing with Microsoft.
I would use it quite often for this kinds of things.
The 12 year old kid using the site will not care about the legal implications.
What could go wrong?
Whichever way, they're not getting my kids ID.
Hahahaha... jeez... /wipes a tear
They are in for a surprise of their corporate lives.
We have several accounts with them for our kids and I had all of them set with the birthday set to some random year between 1960 and 1990. Because, as every parent knows, any sort of "kids" account comes with random restrictions, needing to create parent account and all sort of other bullshit that complicates everyone's life and prolongs the sign-up process.
They must be smoking crack if they think that a non-trivial amount of teens (leave alone adults) are playing Roblox games. Because 99.9% of these games is a complete and utter junk that makes your eyes bleed and gets traction because of the (way) younger kids that play them. That's it. That's the Roblox secret sauce. But, yeah, let's card them. Brilliant, brilliant move.
I set up one of these for Apple and Microsoft, and boy oh boy, has it been an absolute shit-show. There have been tons of bugs with both, it is a terrible user experience all around, and it has actually cost me more money in very real terms (e.g. IAPs needing to be re-purchased three times).
Unfortunately it seems like nobody at tech companies actually dog-foods kid/family accounts, and just does it as a butt covering exercise to avoid regulation. They do the bare minimum and then let it rot.
All the kids I know just use fake info with fake birthdays. There's a huge risk of losing the account, but who even knows what to do. Obviously these companies don't want to invest in moderation, so I think they should focus on moderation tools and leave the parent/organizer account holders do the actual moderation.
Microsoft does the money handling on child accounts really well, but the family sharing is absolutely brutal. It's an insanely bad user experience.
Ad networks still figured out my real birthday :/
I think they're overestimating the importance of a gaming account.
Second, how is this going to work? I don't know a single kid that plays Roblox and has a government issued photo ID. And are they REALLY going to roll out a system where they're trying to train minors to scan their ID and submit it to a corporation for something as trivial as a game?
> When a government-issued ID is scanned for verification, an anonymized value is generated, allowing Roblox to safely verify identity without risking exposure of the user’s real identity.
There are two possibilities here:
1. It's absolutely bullshit and they store some portion of uniquely identifiable identity info, like your name + birthdate, somewhere.
2. It's absolutely useless because someone will create a website or app that fools the system by showing fake id and a matching "likeness".
So I don't believe at all the glossed over claims of respecting privacy on this. This is a bad idea and I hope it fails spectacularly.
Chances are their age verification system only applies if you say you’re 18+. I doubt they’re going to throw away players.
That's a quick ticket to getting a lot of 13-16 year old forbidden (by parents) from playing your game IMO.
Roblox is undoubtedly responding to backlash from revelations that they are exploiting children for economic growth. Here's a great summary: https://youtu.be/_gXlauRB1EQ
I've never seen this. Could you give an example? Me and my kids are pretty heavy players, with a couple games released, with one giving my kid a nice stream of Robux.
fauxblox.com is available for registration, someone more enterprising than myself is welcome :)
I see the logic of it. If you make laws that state kids can't have access to services you need a way to verify someone is in fact an adult.
That leaves the bad methods for countries that doesn’t have a good official or de facto standard eID system. But maybe that will create public pressure to adopt one.
But at that age, it's going to be kept somewhere safe by parents. The passport probably costs more than the budget airline holiday flight.
Well atleast video game code is nice and secur..... oh.
Driving force Bart Jacobs won the 2021 Stevin Prize €2.5M for his work on privacy & security https://www.ru.nl/english/research/prizes-achievements/stevi...
Wither it's via database accessibility (even if it's encrypted), a web front end, email, or IMs. They'll say all they want, but ids do leak.
