undefined | Better HN

0 pointsmatthewdgreen15d ago0 comments

Sure, but then you need to receive an attestation from that external dongle, and/or pre-provision it with an identity (like a national ID smartcard.) It might work in places that distribute this hardware, but it's a crummy UX. I expect that the goal of these systems is to make ID verification a requirement for most routine device usage, sadly, and external dongles will crap that up from a UX perspective.

There is also the problem that most external hardware is less secure than things like Apple's SEP. (But on the other hand, probably more secure than the long tail of cheap Android phones, which use virtualization rather than real hardware.)

0 comments

lxgr15d ago

> then you need to receive an attestation from that external dongle, and/or pre-provision it with an identity (like a national ID card.)

That's how it works in Germany: You tap your national ID card (as a citizen) or eID card (as a non-citizen) on any NFC-capable iPhone or Android device. I personally much prefer that solution over one that requires a specifically trusted device.

The big gap is trusted user confirmation, though: Users need to see what they sign by tapping their card, and then you're usually back to some form of attestation.

Practically, they also completely botched the rollout; literally everyone I know managed to somehow lock themselves out of their card at the first attempted use (assuming they've even bothered to set it up).

matthewdgreenOP15d ago

The adtechs want this so they can verify the "human" quality of each user. To do this, they don't want people tapping their government ID on their phones every single time they sign up for Reddit or receive an advertisement. Hence (some derivative of) the ID has to be stored on-device to make the browsing/usage experience seamless.

lxgr15d ago

Fair enough, I can see why not.

To me, it seems like just the right amount of friction, and user expectations can work in favor of privacy here: People will hopefully refuse to tap their ID on their phone for a service where they want to remain completely anonymous, even if the protocol technically might support anonymous assertions.

j / k navigate · click thread line to collapse

0 comments

lxgr15d ago

> then you need to receive an attestation from that external dongle, and/or pre-provision it with an identity (like a national ID card.)

The big gap is trusted user confirmation, though: Users need to see what they sign by tapping their card, and then you're usually back to some form of attestation.

matthewdgreenOP15d ago

lxgr15d ago

Fair enough, I can see why not.

j / k navigate · click thread line to collapse