this post was submitted on 16 Aug 2023
1343 points (97.1% liked)
Technology
60106 readers
1990 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I guess it only occasionally makes sense for government web sites and banks. X might have ambitions to become a bank, so in that sense it might make sense.
So another piece of advice: if twitter ever asks you if you want to start using it for banking, nope the fuck out.
You Americans should get to this century and start performing digital strong authentications like the rest of us. Sending picture of your ID to anyone is insane :)
How we do it here in Finland is that there are digital identity providers which use bank/mobile carrier to identify you. They then use MFA when identifying you. Any service can use these services to do strong authentication for you. And they don't cost anything for the customer, and is really cheap for the company who wants to identify you. It is also build into the law that you must identify people using these, to avoid identity theft.
We're still trying to decide if slavery was wrong give us some time
Half our country thinks that would be the mark of the Beast or some shit.
How doss your bank identify you?
When you walk in, the guy goes "hey Sam! I tupped your mom the other night."
By the card they issued me when I opened the account.
But how did they authenticate your identity when you opened the account? I'd not trying to be an arse - but at some point it will likely have come back to matching some official photo id against your face.
It's not like the bank KEEPS your ID
They once identify you from your driver's license, government id card or passport. After that you for example link your smart phone to you, and you use their app when you identify.
You can also use mobile carriers, they send a push notification directly to you phone+sim. Not sure what protocol they use here, because it opens up an UI which is plain android, and asks pin.
Everything relays on chain of trust that since one service has identified you, the next can trust too. Plus there is MFA to verify that you actually made the identification request.
The initial argument was ‘sending is to anyone is insane’ but that’s what you do with the bank. Yes it’s only once - but that’s the same as the other systems we are taking about here.
They don't accept it remote, only face-to-face. I have done it once, 15 years ago. Face-to-face is actually only way to do it to avoid identity theft.
Interesting, so your answer to identity authentication is it is it shouldn’t ultimately be done to do remotely and that everyone needs to queue at the counter.
Meanwhile the UK gov remote system seems to work rather well https://appadvice.com/app/gov-uk-id-check/1629050566
You do that once in your lifetime, and never after that.
Until you change banks, mobile phone provider or visit another country and want a local SIM
The other bank and other mobile provider identifies you through the another one. I am able to identify through two different banks and mobile provider, and have not in 15 years done it onprem. I do strong digital authentication generally once or twice a week.
Edit: last time was actually when I took house mortgage 13 years ago, and switched bank. Not really a issue to show ID onprem when talking 200k€.
So, to be clear - if you ever need to renew government documentation or get access to government systems (benefits or taxes), the government doesn’t ask to see government ID - it outsources that to bank procedures from n years ago?
Practical sense yes, I accessed my tax info today, and strongly authenticated through my mobile provider. It took me 2 seconds and there was MFA included in the process.
Edit: here is Finnish Cyber Security Centers article how the process works: https://www.kyberturvallisuuskeskus.fi/en/our-activities/regulation-and-supervision/electronic-identification
It is defined in Finnish law that all services must use this mechanisms
Looks like initial submission of identity documents can be done electronically - not necessarily in-person.
Yes, I noticed also that they have included this support now also.
I mean that's how it's like here in the States too. Show your paperwork at registration and that's it.
I have done it once, 15 years ago, after that I have never needed to go it again.
We have that
Idk, I've got my hands in a lot of financial cookie jars, and I don't recall ever being asked for something like this. At the very least, not in this manner.
It's pretty standard for European banks thanks to Know Your Customer laws.
If you keep in mind that it’s only done with special certified subcontractors, then yes. I would never give that information directly to a company like X. And yes, also those special companies are more times shady than they should be, but still.
Call it Twitter please
Dunno what you're talking about here but I've had to go through something similar every time I've opened a new account with a financial service.
But yeah, I would not trust Twitter/X either. Musk is too much of an emotional child following whatever whim takes his fancy that day.
I know there's a similar-ish process for accessing Spanish social security services online at least, and I believe it's the same for some other services as well.
Then again, Spanish public services are not exactly the gold standard for digitalization.
Wait are you Spanish too? Those websites look like they've been made by a secretary's cousin that only knew how to copy and paste in the 90s
I just have a few Spanish friends! And from what they're telling me that's probably exactly how these websites were made.
I mean, most public computers are very old too. Like 20 years old at leat
I have the opposite experience but maybe it’s just different in the EU
He's definitely pushing for Twitter to be the next WeChat.
Can't wait for the social credit system
To follow his dystopian vision of Twitter as the Everything app, in the US it will have to be a bank at some point. The same way that Apple is now a bank in order to power parts of their wallet and payment platforms.
Apple also now offers savings accounts. And it's been surprisingly successful.
That is because Apple has a cult following that begs to spend more money on Apple.
Or maybe because it has an APY of over 4%, which is pretty damn good for a savings account. If Google came up with a +4% APY savings account, I'm sure people would sign up for that in droves too.
Also, there are Apple, Google/Android, Microsoft and Linux cults. Apple is not unique in that arena.
Yeah, PayPal sure as fuck ain't a bank. And the same douche started that.
Max Levchin, Peter Thiel, and Luke Nosek own Twitter?
The only government function that has ever wanted a "selfie" was for my drivers license and passport. Both of which feature that picture. But I've never done either through a site.