Ask HN: Is there a way to ensure one-person-one-account at all?

2 pointsaabbcc12411y ago24 comments

Without relying on any document issues from government, without excluding disabled person, and without requiring the admin to personally know each users.

Using credit card doesn't tell if two accounts are created by distinct person. And it exluced person without credit card.

There are some (incomplete) approach to check if the user is a person or a bot, but not if the users are distinct person as of my knowledge.

24 comments

solardev1y ago

The way I've seen this done is usually to outsource it to some third party like https://network.id.me/platform/identity-verification/ that does the verification by proxy, handles all the compliance and privacy stuff, and then tells the website operator "this user is verified as a _______".

I don't think your documents get shared with the website directly, just your verification status, but I'm not 100% sure about that.

And I think the verification process mixes and matches ID checks, employment records, credit records, text messages, etc., kinda like how a bank asks you "Which of these streets, if any, did you ever live on?". There are different questions for different kinds of verifications.

verdverm1y ago

The very first part of the post reads

> Without relying on any document issues from government

This does not seem to fit their criteria for a solution

solardev1y ago

I mentioned it in just in case it makes a difference that someone else handles the verification. Like PCI (for credit card processing), outsourcing it removes a lot of the cost and risk of doing it yourself and processing/storing all that sensitive PII.

At the end of the day, I don't think there's any non-governmental, non-biometric, non-financial way to really cross-check physical and online identities. It's gotta be tied into the real world somehow, and outsourcing it makes a lot more doable...

But yeah, if they don't want the user to have to provide documents at all, I think they're just SOL.

1 more reply

LinuxBender1y ago

Not AFAIK and with websites that make AI easier and easier it will be exceedingly more difficult to enforce such things. I think the site and it's services or products would have to be designed to incentivize one-person to one-account meaning that having more accounts would be a loss of benefits and just adding friction, effort and wasted time. Or conversely staying on one account and making more purchases and more customer reviews from that account means more discounts and benefits, maybe even some type of automated voting influence over what products and/or services get discounts that week meaning the site favors the real accounts that use the site the most.

RGamma1y ago

You'd require a secure biological hash like the stuff worldcoin is doing (iris biometrics). Otherwise I don't see how this doesn't end in a detection-circumvention arms race.

solardev1y ago

I'm curious about how that stuff works. What prevents someone from faking one of those scanner devices and generating fake hashes of nonexistent eyes? Or producing fake eyes for scanning?

The airport pay-to-skip-lines company (can't remember their name) uses a similar iris scanner setup to check people in, but presumably there they have tight controls over their devices and have human employees always standing by to try to limit abuse. It'd be pretty suspicious if you walked in with a fake eyeball or such there.

But anyone can buy a Worldcoin orb, right? Is it going to be like the console DRM wars, where once someone manages to root or extract a private key from such from a device, they can use it to make fake identities?

RGamma1y ago

Yeah, the initial enrollment is pretty problematic without trusted attestation. Reading the wikipedia entry on this, it seems at least the older devices can be fooled into accepting non-live-tissue scans (dunno the SOTA on this) which would enable fake enrollments but also impersonation. Impersonation could be mitigated with MFA at least. Dealing with compromised scanners would probably require a PKI and revocation mechanism, but don't take my word on this.

Seems kinda like a tough problem when you really mean to follow through, especially when making the least amount of concessions. It'd probably be easiest to integrate with existing government systems like eID, but that's region-specific and who knows how trustworthy that is long-term. I guess, there's also these sorta weird identification services that banks use (hold ID card and face into the video feed and variants), but same problem.

As for conceiving such a system in the first place, good luck ;)

verdverm1y ago

If you can tie login to a person's phone (passkey, google authenticator, text message, etc) than you can raise the bar. Most abuse is by a very small number of people who will not make it difficult to detect (like cycling through accounts during batch processing, many accounts from the same ip). Logs will be your friend and you really only care about the worst offenders, the rest won't be worth the time, effort, false positives

solardev1y ago

Passkeys and 2FAs aren't device-dependent (many apps let you sync them across devices, like Bitwarden or 1password).

Text messages are a little harder to fake/share, I suppose, but also more expensive to verify.

verdverm1y ago

Very few people are going to have sufficient devices to fake large numbers of accounts. Those that do are going to either (1) have other signals (2) be sophisticated enough to evade more advanced techniques

See the experiential point that it is better to keep the 80/20 rule in mind. Most users are not going to abuse the system, and those that do, do so with dozens or hundreds of accounts, not 2-3

1 more reply

JohnFen1y ago

I don't know in the absolute, but I've never seen a way to do this and can't think of a mechanism that would work.

fuzzfactor1y ago

One thing to think about is the way experience has shown that the internet itself was much more ideal when most users were still anonymous and it didn't make a big difference if anyone had more than one "screen name" or not.

JohnFen1y ago

Indeed so. I've never stopped using pseudonyms on the internet. I have a few of them I've used consistently for decades. I think the important thing in internet identity is continuity of the identity, not whether or not it corresponds with real-world identity.

I have never used my real-world identity on the internet, and won't start now. I think it's a bit nuts that people are willing to, but to each their own.

cowsup1y ago

Nope. Almost everybody has more than one device (laptop, phone, and maybe a tablet) with more than one IP (both home wifi and phone data). Everyone has multiple email addresses.

You could get by with requiring a unique phone number, but that still risks excluding users, and can get expensive if you intend on catering to an international audience. Even in that case, some people may have a landline and a cell phone, or they may use a friend/spouse/relative’s phone to circumvent your limits.

JohnFen1y ago

> You could get by with requiring a unique phone number

In the US, anyway, you can also get burner phones for about $10 at local stores. I do this routinely if someone is requiring a phone number to register for something that I really want to register for.

bediger40001y ago

As someone who hasn't been motivated in the past, how disconnected from other means of identification is such a burner phone?

Are the cameras watching the purchase? Can you pay cash? Is any record beyond a sales receipt generated?

1 more reply

j / k navigate · click thread line to collapse

24 comments

solardev1y ago

I don't think your documents get shared with the website directly, just your verification status, but I'm not 100% sure about that.

verdverm1y ago

The very first part of the post reads

> Without relying on any document issues from government

This does not seem to fit their criteria for a solution

solardev1y ago

But yeah, if they don't want the user to have to provide documents at all, I think they're just SOL.

1 more reply

LinuxBender1y ago

RGamma1y ago

You'd require a secure biological hash like the stuff worldcoin is doing (iris biometrics). Otherwise I don't see how this doesn't end in a detection-circumvention arms race.

solardev1y ago

I'm curious about how that stuff works. What prevents someone from faking one of those scanner devices and generating fake hashes of nonexistent eyes? Or producing fake eyes for scanning?

RGamma1y ago

As for conceiving such a system in the first place, good luck ;)

verdverm1y ago

solardev1y ago

Passkeys and 2FAs aren't device-dependent (many apps let you sync them across devices, like Bitwarden or 1password).

Text messages are a little harder to fake/share, I suppose, but also more expensive to verify.

verdverm1y ago

See the experiential point that it is better to keep the 80/20 rule in mind. Most users are not going to abuse the system, and those that do, do so with dozens or hundreds of accounts, not 2-3

1 more reply

JohnFen1y ago

I don't know in the absolute, but I've never seen a way to do this and can't think of a mechanism that would work.

fuzzfactor1y ago

JohnFen1y ago

I have never used my real-world identity on the internet, and won't start now. I think it's a bit nuts that people are willing to, but to each their own.

cowsup1y ago

Nope. Almost everybody has more than one device (laptop, phone, and maybe a tablet) with more than one IP (both home wifi and phone data). Everyone has multiple email addresses.

JohnFen1y ago

> You could get by with requiring a unique phone number

bediger40001y ago

As someone who hasn't been motivated in the past, how disconnected from other means of identification is such a burner phone?

Are the cameras watching the purchase? Can you pay cash? Is any record beyond a sales receipt generated?

1 more reply

j / k navigate · click thread line to collapse