I’m straight-up not comfortable uploading a government document online. Bite my shiny metal toosh, Microsoft.

  • MudMan
    link
    fedilink
    67 months ago

    I am fascinated by this. I guess when there is no universally recognized ID it feels weirder?

    I mean, sure, by all means withhold info from social media platforms, but if it’s one where you’re going to have your real name and your whole-ass work history on public display, surely verifying your ID is trivial? You could absolutely google the info in a LinkedIn page and find a bunch of additional info anyway.

    I get it intellectually, it’s a taboo now, just like it’s a taboo to have people find out your address or phone number when it used to be publicly listed until a few years ago. It’s just weird that it’s still a taboo for the services where verifying your ID is presumably a feature, not a bug.

    • @dhork
      link
      English
      167 months ago

      It’s less about verifying ID, and more about trusting them to be responsible with the documents.

      If they have a human assess the ID right away, and delete the file once that person’s identity has been assessed, that’s probably safe. But let’s face it, they probably store it somewhere, and when they inevitably get hacked now everyone’s driver’s license (with their state ID number, address, and DoB) is for sale on the dark web. There is enough info on your State Drivers’ License to open credit accounts, particularly if you forge some documents as well.

      • MudMan
        link
        fedilink
        -37 months ago

        Well, I guess I’m glad we have fairly secure documentation. Not that fraud doesn’t happen, but given how ubiquitous and easy to find that info is the real value is in the document itself, which is minted very much like paper money is and is pretty hard to falsify or forge.

        Like many other issues this is the kind of issue I find is fairly well solved.

        • @dhork
          link
          English
          47 months ago

          Let me guess, you’ve never had your identity stolen, have you?

          • MudMan
            link
            fedilink
            -17 months ago

            Nnnope. Presumably because I have secure government ID minted like paper money, containing a digital certificate and pretty hard to falsify or forge.

            Look, I’m not saying it doesn’t happen, I’m saying it’s a useful tool to mitigate it. I’ve definitely shared my official ID online for things. It’s even used for preorders sometimes in high demand items or concert tickets to prevent scalping and effectively limit amounts per person. It kinda works.

            • @dhork
              link
              English
              7
              edit-2
              7 months ago

              They dont steal your ID by cloning your passport, they steal it by getting just enough Personally Identifying Information to be able to start up credit cards and other loans that are tied to your credit history, without your knowledge. By the time you find out, they’ve run all the credit lines to the max and then you have to go around to all those companies and prove you didn’t make all those charges. Then you have to get all of your account numbers changed, because you don’t necessarily know what the hacker has compromised.

              Most of the information necessary for opening accounts is on your driver’s’ license. Pretty much the only thing it is missing is your SSN. And in some cases, a valid state license number can be used in place of that

              • MudMan
                link
                fedilink
                -1
                edit-2
                7 months ago

                Yeah, but that’s the point, with universal secure ID all of those actions require showing your universal secure ID. You can’t just give people enough information that sounds or is legit and get a loan, you need to provide your ID and have it verified.

                And hey, if somebody that holds a copy of your ID leaks it you’re only at risk for a bit of time, because these things expire and each new one you get looks different. It’s very hard and not worth it to forge these for that reason, and if somebody went to the trouble of doing that you could easily prove it doesn’t match the original you hold.

                Fraud and identity theft obviously still exist, but it normally involves getting older people to sign things they didn’t mean to or getting people to share their information through social engineering. But just finding your info online and generating enough debt to create a massive problem? That seems hard and reversible.

    • BonjeOP
      link
      English
      77 months ago

      My biggest gripe is that it’s done through a third party, Persona ID.

      They make you agree to another set of terms and conditions which opens you up to even more 3rd parties.

      I consent to Persona collecting, using, and utilizing its third-party service providers to process my biometric information in order to verify my identity for fraud prevention, in accordance with the Persona’s Privacy Policy. Your biometric information will be stored for no longer than 6 months.

      Were this limited to just Microsoft I might have caved.

    • @[email protected]
      link
      fedilink
      English
      37 months ago

      Its one of the challenges that seriously doesn’t seem to have an easy solution. Like the closest I can think of is a centralized authority that the service can send a identity verification request to that, then the user can sign into the centralized authority and confirm “yes I am the person you requested to verify”

      This would also help with annoying employment verification where I have to bring every document needed to steal my identity to my new employer for them to scan and digitally store indefinitely then return said documents to my safe